Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1542410
MD5:c2fd4f13dbcbcdca3d4c63a41bb3d9ba
SHA1:7bf2a8be1c62b7f00da60c08a3907246b2852283
SHA256:1a762c8643e53ce22340047e05f9a171546669523a2e1166a8dc5cf59d626575
Tags:exeuser-Bitsight
Infos:

Detection

LummaC
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Detected unpacking (changes PE section rights)
Found malware configuration
Suricata IDS alerts for network traffic
Yara detected LummaC Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Hides threads from debuggers
LummaC encrypted strings found
Machine Learning detection for sample
PE file contains section with special chars
Sample uses string decryption to hide its real strings
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Checks for debuggers (devices)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Detected potential crypto function
Entry point lies outside standard sections
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
PE file contains sections with non-standard names
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 3040 cmdline: "C:\Users\user\Desktop\file.exe" MD5: C2FD4F13DBCBCDCA3D4C63A41BB3D9BA)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Malware Configuration

Threatname: LummaC

{"C2 url": ["licendfilteo.site", "spirittunek.store", "dissapoiznw.store", "studennotediw.store", "eaglepawnoy.store", "bathdoomgaz.store", "mobbipenju.store", "clearancek.site"], "Build id": "4SD0y4--legendaryy"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
decrypted.memstrJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:12.025566+020020564771Domain Observed Used for C2 Detected192.168.2.6545091.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:11.821142+020020564711Domain Observed Used for C2 Detected192.168.2.6571511.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:11.993335+020020564811Domain Observed Used for C2 Detected192.168.2.6545971.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:11.910630+020020564831Domain Observed Used for C2 Detected192.168.2.6552701.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:12.055107+020020564731Domain Observed Used for C2 Detected192.168.2.6650251.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:11.888920+020020564851Domain Observed Used for C2 Detected192.168.2.6636491.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:12.038171+020020564751Domain Observed Used for C2 Detected192.168.2.6642061.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:12.010457+020020564791Domain Observed Used for C2 Detected192.168.2.6527671.1.1.153UDP
    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
    2024-10-25T21:52:13.666681+020028586661Domain Observed Used for C2 Detected192.168.2.649719104.102.49.254443TCP

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Antivirus / Scanner detection for submitted sample
    Source: file.exeAvira: detected
    Antivirus detection for URL or domain
    Source: https://steamcommunity.com:443/profiles/76561199724331900URL Reputation: Label: malware
    Found malware configuration
    Source: file.exe.3040.1.memstrminMalware Configuration Extractor: LummaC {"C2 url": ["licendfilteo.site", "spirittunek.store", "dissapoiznw.store", "studennotediw.store", "eaglepawnoy.store", "bathdoomgaz.store", "mobbipenju.store", "clearancek.site"], "Build id": "4SD0y4--legendaryy"}
    AI detected suspicious sample
    Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
    Machine Learning detection for sample
    Source: file.exeJoe Sandbox ML: detected
    Sample uses string decryption to hide its real strings
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: clearancek.site
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: licendfilteo.site
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: spirittunek.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: bathdoomgaz.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: studennotediw.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: dissapoiznw.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: eaglepawnoy.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: mobbipenju.store
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: clearancek.site
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: lid=%s&j=%s&ver=4.0
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: TeslaBrowser/5.5
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: - Screen Resoluton:
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: - Physical Installed Memory:
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: Workgroup: -
    Source: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpString decryptor: 4SD0y4--legendaryy
    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:49719 version: TLS 1.2
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00DCD110
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00DCD110
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C274D4CAh1_2_00E063B8
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 53F09CFAh1_2_00E099D0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], 27BAF212h1_2_00E0695B
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+04h]1_2_00DCFCA0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-10h]1_2_00DD0EEC
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx1_2_00E06094
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F3285E74h1_2_00E04040
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ecx, dword ptr [edx]1_2_00DC1000
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then dec ebx1_2_00DFF030
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+20h]1_2_00DD6F91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+0Ch]1_2_00DED1E1
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]1_2_00DD42FC
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], dx1_2_00DE2260
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [esi], ax1_2_00DE2260
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov byte ptr [edi], al1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+30h]1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+14h]1_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ebp, eax1_2_00DCA300
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C274D4CAh1_2_00E064B8
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx1_2_00DDD457
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx eax, word ptr [esi+ecx]1_2_00E01440
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+0Ch]1_2_00DEC470
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov dword ptr [esp], 00000000h1_2_00DDB410
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]1_2_00DEE40C
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, byte ptr [ecx+esi+25h]1_2_00DC8590
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], 7789B0CBh1_2_00E07520
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx1_2_00DE9510
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]1_2_00DD6536
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, byte ptr [edx]1_2_00DFB650
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]1_2_00DEE66A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+08h]1_2_00E067EF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]1_2_00DED7AF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00E05700
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ecx, word ptr [edi+eax]1_2_00E07710
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], dx1_2_00DE28E9
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edx, byte ptr [esi+edi]1_2_00DC49A0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h1_2_00DDD961
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 62429966h1_2_00E03920
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax1_2_00DD1ACD
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edx, byte ptr [esi+ebx]1_2_00DC5A50
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F3285E74h1_2_00E04A40
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax1_2_00DD1A3C
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+40h]1_2_00DD1BEE
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]1_2_00DD3BE2
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov ebx, dword ptr [edi+04h]1_2_00DF0B80
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 53F09CFAh1_2_00E09B60
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+000006B8h]1_2_00DDDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], F8FD61B8h1_2_00DDDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00E09CE0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebp+edx*8+00h], 9ECF05EBh1_2_00E09CE0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [esi+edx*8], C85F7986h1_2_00DECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00DECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], C85F7986h1_2_00DECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax1_2_00DEAC91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [edx], ax1_2_00DEAC91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [eax+esi+02h], 0000h1_2_00DEEC48
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp word ptr [ebp+edi+02h], 0000h1_2_00DE7C00
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], A70A987Fh1_2_00DFFC20
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00E08D8A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov dword ptr [esp+1Ch], 5E46585Eh1_2_00DEFD10
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [ebp-14h]1_2_00DEDD29
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp+40h]1_2_00DD1E93
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp byte ptr [ebx], 00000000h1_2_00DD6EBF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ecx, word ptr [ebp+00h]1_2_00DCBEB0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx edi, byte ptr [ecx+esi]1_2_00DC6EA0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then movzx ebx, word ptr [ecx]1_2_00DEAE57
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00DE5E70
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [eax], cx1_2_00DE7E60
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov edi, ecx1_2_00DD4E2A
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov word ptr [edx], 0000h1_2_00DDFFDF
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx1_2_00DC8FD0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then cmp dword ptr [edi+edx*8], F3285E74h1_2_00E07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00E07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp ecx1_2_00E05FD6
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esi+20h]1_2_00DD6F91
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then mov eax, dword ptr [esp]1_2_00DFFF70
    Source: C:\Users\user\Desktop\file.exeCode function: 4x nop then jmp eax1_2_00DE9F62

    Networking

    barindex
    Suricata IDS alerts for network traffic
    Source: Network trafficSuricata IDS: 2056471 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (clearancek .site) : 192.168.2.6:57151 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056485 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (mobbipenju .store) : 192.168.2.6:63649 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056473 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (licendfilteo .site) : 192.168.2.6:65025 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056483 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (eaglepawnoy .store) : 192.168.2.6:55270 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056475 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (spirittunek .store) : 192.168.2.6:64206 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056477 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (bathdoomgaz .store) : 192.168.2.6:54509 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056479 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (studennotediw .store) : 192.168.2.6:52767 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2056481 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (dissapoiznw .store) : 192.168.2.6:54597 -> 1.1.1.1:53
    Source: Network trafficSuricata IDS: 2858666 - Severity 1 - ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup : 192.168.2.6:49719 -> 104.102.49.254:443
    C2 URLs / IPs found in malware configuration
    Source: Malware configuration extractorURLs: licendfilteo.site
    Source: Malware configuration extractorURLs: spirittunek.store
    Source: Malware configuration extractorURLs: dissapoiznw.store
    Source: Malware configuration extractorURLs: studennotediw.store
    Source: Malware configuration extractorURLs: eaglepawnoy.store
    Source: Malware configuration extractorURLs: bathdoomgaz.store
    Source: Malware configuration extractorURLs: mobbipenju.store
    Source: Malware configuration extractorURLs: clearancek.site
    Source: Joe Sandbox ViewIP Address: 104.102.49.254 104.102.49.254
    Source: Joe Sandbox ViewASN Name: AKAMAI-ASUS AKAMAI-ASUS
    Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C42cb6563c5fec8103907e3e99aebe27b; Path=/; Secure; HttpOnly; SameSite=Nonesessionid=24617773c397a043c9b1ebce; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type35741Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveFri, 25 Oct 2024 19:52:13 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
    Source: global trafficDNS traffic detected: DNS query: clearancek.site
    Source: global trafficDNS traffic detected: DNS query: mobbipenju.store
    Source: global trafficDNS traffic detected: DNS query: eaglepawnoy.store
    Source: global trafficDNS traffic detected: DNS query: dissapoiznw.store
    Source: global trafficDNS traffic detected: DNS query: studennotediw.store
    Source: global trafficDNS traffic detected: DNS query: bathdoomgaz.store
    Source: global trafficDNS traffic detected: DNS query: spirittunek.store
    Source: global trafficDNS traffic detected: DNS query: licendfilteo.site
    Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
    Source: global trafficDNS traffic detected: DNS query: sergei-esenin.com
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/privacy_agreement/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.valvesoftware.com/legal.htm
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
    Source: file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.s
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8d
    Source: file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://clearancek.site:443/apiX
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/
    Source: file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=ljhW-PbGuX
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&am
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPK
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=engli
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1&
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&l=en
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
    Source: file.exe, 00000001.00000002.2238576561.00000000014DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=W9BX
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&l=englis
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=UuGFpt56D9L4&l=
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=engli
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=KkhJqW2NGKiM&l=engli
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&amp
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=qYlgdgWOD4Ng&amp
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=engl
    Source: file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Ff_1prscqzeu&
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcV
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&amp
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dissapoiznw.store:443/api
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://eaglepawnoy.store:443/apiy
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/en/
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://licendfilteo.site:443/api
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
    Source: file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/
    Source: file.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/K
    Source: file.exe, 00000001.00000002.2238427249.0000000001488000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236484730.0000000001487000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/api
    Source: file.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/apiA
    Source: file.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/apiK
    Source: file.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com/t
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sergei-esenin.com:443/api
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://spirittunek.store:443/api
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
    Source: file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/
    Source: file.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/2
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/L
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/discussions/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238156506.0000000001446000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
    Source: file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/market/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/my/wishlist/
    Source: file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900
    Source: file.exe, 00000001.00000002.2238576561.00000000014DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges
    Source: file.exe, 00000001.00000002.2238576561.00000000014DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/
    Source: file.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900r
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/workshop/
    Source: file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C42cb6563c5fec81
    Source: file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/about/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/explore/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/legal/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/mobile
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/news/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/points/shop/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/privacy_agreement/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/stats/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/steam_refunds/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
    Source: file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
    Source: file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
    Source: file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
    Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
    Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:49719 version: TLS 1.2

    System Summary

    barindex
    PE file contains section with special chars
    Source: file.exeStatic PE information: section name:
    Source: file.exeStatic PE information: section name: .rsrc
    Source: file.exeStatic PE information: section name: .idata
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD02281_2_00DD0228
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E0A0D01_2_00E0A0D0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F010C11_2_00F010C1
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00EC10DB1_2_00EC10DB
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E040401_2_00E04040
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0109D1A51_2_0109D1A5
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA00481_2_00FA0048
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC10001_2_00DC1000
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD20301_2_00DD2030
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC71F01_2_00DC71F0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCE1A01_2_00DCE1A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC51601_2_00DC5160
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF82D01_2_00DF82D0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF12D01_2_00DF12D0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC12F71_2_00DC12F7
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00EB42DE1_2_00EB42DE
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F9428F1_2_00F9428F
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F8A2391_2_00F8A239
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_010BB3D21_2_010BB3D2
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F993D91_2_00F993D9
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF23E01_2_00DF23E0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCB3A01_2_00DCB3A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC13A31_2_00DC13A3
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCA3001_2_00DCA300
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF64F01_2_00DF64F0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD049B1_2_00DD049B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD44871_2_00DD4487
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DEC4701_2_00DEC470
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DDC5F01_2_00DDC5F0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC85901_2_00DC8590
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F9E5A01_2_00F9E5A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F8F5901_2_00F8F590
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC35B01_2_00DC35B0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E086F01_2_00E086F0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC164F1_2_00DC164F
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E086521_2_00E08652
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E6762B1_2_00E6762B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F8D6201_2_00F8D620
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DFF6201_2_00DFF620
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00EE177A1_2_00EE177A
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DFB8C01_2_00DFB8C0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DFE8A01_2_00DFE8A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCA8501_2_00DCA850
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF18601_2_00DF1860
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E089A01_2_00E089A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DE098B1_2_00DE098B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F0C9911_2_00F0C991
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F9C99C1_2_00F9C99C
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E07AB01_2_00E07AB0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E08A801_2_00E08A80
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E04A401_2_00E04A40
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC7BF01_2_00DC7BF0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DDDB6F1_2_00DDDB6F
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F97B151_2_00F97B15
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DECCD01_2_00DECCD0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E06CBF1_2_00E06CBF
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E08C021_2_00E08C02
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F90D7B1_2_00F90D7B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DE8D621_2_00DE8D62
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DEFD101_2_00DEFD10
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DEDD291_2_00DEDD29
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD6EBF1_2_00DD6EBF
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCBEB01_2_00DCBEB0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F95E7A1_2_00F95E7A
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DEAE571_2_00DEAE57
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E08E701_2_00E08E70
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DD4E2A1_2_00DD4E2A
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DC8FD01_2_00DC8FD0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E07FC01_2_00E07FC0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DCAF101_2_00DCAF10
    Source: C:\Users\user\Desktop\file.exeCode function: String function: 00DCCAA0 appears 48 times
    Source: C:\Users\user\Desktop\file.exeCode function: String function: 00DDD300 appears 152 times
    Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
    Source: file.exeStatic PE information: Section: ZLIB complexity 0.9995423370462047
    Source: classification engineClassification label: mal100.troj.evad.winEXE@1/0@10/1
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00DF8220 CoCreateInstance,1_2_00DF8220
    Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
    Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: webio.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: schannel.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: mskeyprotect.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ncryptsslp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: msasn1.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: cryptsp.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: rsaenh.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: gpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
    Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
    Source: file.exeStatic file information: File size 2974720 > 1048576
    Source: file.exeStatic PE information: Raw size of wovnjubk is bigger than: 0x100000 < 0x2ace00

    Data Obfuscation

    barindex
    Detected unpacking (changes PE section rights)
    Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 1.2.file.exe.dc0000.0.unpack :EW;.rsrc :W;.idata :W;wovnjubk:EW;yaqwutur:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W;wovnjubk:EW;yaqwutur:EW;.taggant:EW;
    Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
    Source: file.exeStatic PE information: real checksum: 0x2de644 should be: 0x2e0d0f
    Source: file.exeStatic PE information: section name:
    Source: file.exeStatic PE information: section name: .rsrc
    Source: file.exeStatic PE information: section name: .idata
    Source: file.exeStatic PE information: section name: wovnjubk
    Source: file.exeStatic PE information: section name: yaqwutur
    Source: file.exeStatic PE information: section name: .taggant
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E8C0C0 push ebx; mov dword ptr [esp], edi1_2_00E8C0E1
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0103E128 push ebx; mov dword ptr [esp], 73E562B8h1_2_0103E14D
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0103E128 push 18F90B00h; mov dword ptr [esp], edi1_2_0103E1CB
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F010C1 push 14B030A6h; mov dword ptr [esp], eax1_2_00F010E5
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F010C1 push 2E77470Ah; mov dword ptr [esp], edx1_2_00F0112E
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F010C1 push edx; mov dword ptr [esp], ebx1_2_00F0113B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00F010C1 push edi; mov dword ptr [esp], 3EF1D884h1_2_00F01154
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00EC10DB push 05FD7B34h; mov dword ptr [esp], ecx1_2_00EC118E
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00EC10DB push eax; mov dword ptr [esp], 20C3F244h1_2_00EC1192
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_01084146 push ebx; mov dword ptr [esp], 675E12EFh1_2_01084584
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FBA091 push 03A4CDC8h; mov dword ptr [esp], ebp1_2_00FBA0A9
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FBA091 push 6BAEE062h; mov dword ptr [esp], ebx1_2_00FBA0B1
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_010CD1A7 push eax; mov dword ptr [esp], 49802D71h1_2_010CD1EE
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_010CD1A7 push 730724B5h; mov dword ptr [esp], eax1_2_010CD2AE
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_010CD1A7 push ecx; mov dword ptr [esp], edi1_2_010CD2EC
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0109D1A5 push 212A5600h; mov dword ptr [esp], ebx1_2_0109D1AE
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0109D1A5 push esi; mov dword ptr [esp], 3F3FE917h1_2_0109D259
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0109D1A5 push 37E7B2A2h; mov dword ptr [esp], ebx1_2_0109D290
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_0109D1A5 push eax; mov dword ptr [esp], ecx1_2_0109D314
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 0BF648E0h; mov dword ptr [esp], edi1_2_00FA005B
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push eax; mov dword ptr [esp], edi1_2_00FA0082
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push edx; mov dword ptr [esp], ebp1_2_00FA00D8
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 68BB3300h; mov dword ptr [esp], edx1_2_00FA00F0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push ecx; mov dword ptr [esp], esi1_2_00FA02A4
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push ecx; mov dword ptr [esp], 7F3E1CCEh1_2_00FA02AB
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 1DDC8A05h; mov dword ptr [esp], eax1_2_00FA02D3
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push ecx; mov dword ptr [esp], ebx1_2_00FA0386
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push edi; mov dword ptr [esp], ecx1_2_00FA038A
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 78D8F5C8h; mov dword ptr [esp], edi1_2_00FA03A0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 02AC5F00h; mov dword ptr [esp], edi1_2_00FA03E0
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00FA0048 push 32831B3Ch; mov dword ptr [esp], ebx1_2_00FA0488
    Source: file.exeStatic PE information: section name: entropy: 7.980557470764062

    Boot Survival

    barindex
    Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
    Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior

    Malware Analysis System Evasion

    barindex
    Tries to detect sandboxes / dynamic malware analysis system (registry check)
    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
    Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
    Tries to detect virtualization through RDTSC time measurements
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: E2441B second address: E2442B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 jng 00007FE4ED52DD0Eh 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: E23C9B second address: E23CA5 instructions: 0x00000000 rdtsc 0x00000002 jp 00007FE4ECD4F26Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA58A5 second address: FA58B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edi 0x00000006 jl 00007FE4ED52DD06h 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA58B6 second address: FA58BC instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5A2B second address: FA5A36 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jns 00007FE4ED52DD06h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5A36 second address: FA5A43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jc 00007FE4ECD4F272h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5EF6 second address: FA5F01 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5F01 second address: FA5F06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5F06 second address: FA5F0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA5F0B second address: FA5F22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 js 00007FE4ECD4F266h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push edx 0x00000010 pop edx 0x00000011 jbe 00007FE4ECD4F266h 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6077 second address: FA6095 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FE4ED52DD17h 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6095 second address: FA6099 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9EF6 second address: FA9F63 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 xor dword ptr [esp], 0C3C9C4Ch 0x0000000c mov dword ptr [ebp+122D3563h], ebx 0x00000012 lea ebx, dword ptr [ebp+12459CEFh] 0x00000018 call 00007FE4ED52DD0Dh 0x0000001d pop edi 0x0000001e jmp 00007FE4ED52DD17h 0x00000023 xchg eax, ebx 0x00000024 push eax 0x00000025 pushad 0x00000026 jmp 00007FE4ED52DD12h 0x0000002b push edx 0x0000002c pop edx 0x0000002d popad 0x0000002e pop eax 0x0000002f push eax 0x00000030 pushad 0x00000031 jmp 00007FE4ED52DD11h 0x00000036 push eax 0x00000037 push edx 0x00000038 push eax 0x00000039 push edx 0x0000003a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9F63 second address: FA9F67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9FC8 second address: FA9FCE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9FCE second address: FA9FF2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F26Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f jmp 00007FE4ECD4F26Dh 0x00000014 pop eax 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9FF2 second address: FA9FF8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9FF8 second address: FA9FFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9FFC second address: FAA031 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 sbb edi, 12D7539Dh 0x0000000f push 00000000h 0x00000011 jl 00007FE4ED52DD08h 0x00000017 push E3D437ADh 0x0000001c pushad 0x0000001d push edx 0x0000001e jmp 00007FE4ED52DD0Ch 0x00000023 pop edx 0x00000024 push eax 0x00000025 push edx 0x00000026 jo 00007FE4ED52DD06h 0x0000002c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA031 second address: FAA035 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA035 second address: FAA098 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 add dword ptr [esp], 1C2BC8D3h 0x0000000e push 00000000h 0x00000010 push edx 0x00000011 call 00007FE4ED52DD08h 0x00000016 pop edx 0x00000017 mov dword ptr [esp+04h], edx 0x0000001b add dword ptr [esp+04h], 00000016h 0x00000023 inc edx 0x00000024 push edx 0x00000025 ret 0x00000026 pop edx 0x00000027 ret 0x00000028 stc 0x00000029 push eax 0x0000002a pop edx 0x0000002b push 00000003h 0x0000002d and cx, 13BDh 0x00000032 push 00000000h 0x00000034 clc 0x00000035 push 00000003h 0x00000037 call 00007FE4ED52DD0Bh 0x0000003c mov cx, dx 0x0000003f pop edx 0x00000040 call 00007FE4ED52DD09h 0x00000045 push eax 0x00000046 push edx 0x00000047 jmp 00007FE4ED52DD0Eh 0x0000004c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA098 second address: FAA0BA instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pushad 0x00000004 popad 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FE4ECD4F277h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA0BA second address: FAA0F5 instructions: 0x00000000 rdtsc 0x00000002 je 00007FE4ED52DD08h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e push edx 0x0000000f jmp 00007FE4ED52DD12h 0x00000014 pop edx 0x00000015 mov eax, dword ptr [eax] 0x00000017 jmp 00007FE4ED52DD0Ch 0x0000001c mov dword ptr [esp+04h], eax 0x00000020 push ecx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA0F5 second address: FAA0F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA0F9 second address: FAA124 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD0Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a pop eax 0x0000000b xor di, 8E00h 0x00000010 lea ebx, dword ptr [ebp+12459CF8h] 0x00000016 or ch, 00000052h 0x00000019 mov edi, dword ptr [ebp+122D2F40h] 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA124 second address: FAA128 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAA25A second address: FAA260 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7ED6 second address: FC7EF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F276h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7EF2 second address: FC7F04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push edx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 pop edx 0x00000009 pushad 0x0000000a jl 00007FE4ED52DD06h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7F04 second address: FC7F32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a js 00007FE4ECD4F26Ch 0x00000010 jnl 00007FE4ECD4F266h 0x00000016 push eax 0x00000017 push edx 0x00000018 jmp 00007FE4ECD4F270h 0x0000001d jl 00007FE4ECD4F266h 0x00000023 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7F32 second address: FC7F3E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jg 00007FE4ED52DD06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC809D second address: FC80AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jc 00007FE4ECD4F266h 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC820D second address: FC8244 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD0Ch 0x00000009 jmp 00007FE4ED52DD17h 0x0000000e popad 0x0000000f jmp 00007FE4ED52DD0Fh 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC8244 second address: FC8271 instructions: 0x00000000 rdtsc 0x00000002 js 00007FE4ECD4F283h 0x00000008 jmp 00007FE4ECD4F277h 0x0000000d jg 00007FE4ECD4F266h 0x00000013 push eax 0x00000014 push edx 0x00000015 jng 00007FE4ECD4F266h 0x0000001b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC877E second address: FC87A1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jnc 00007FE4ED52DD0Ch 0x0000000f push edx 0x00000010 jmp 00007FE4ED52DD0Ch 0x00000015 pop edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC87A1 second address: FC87BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ECD4F277h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC87BC second address: FC87C0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC8A37 second address: FC8A76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pushad 0x0000000a jmp 00007FE4ECD4F277h 0x0000000f jnl 00007FE4ECD4F266h 0x00000015 popad 0x00000016 pop eax 0x00000017 pushad 0x00000018 jne 00007FE4ECD4F26Ch 0x0000001e pushad 0x0000001f jne 00007FE4ECD4F266h 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC8EA1 second address: FC8EA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC96A7 second address: FC96C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jo 00007FE4ECD4F279h 0x0000000b jmp 00007FE4ECD4F273h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC96C5 second address: FC96CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC96CB second address: FC96D1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCCF1E second address: FCCF22 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCBA22 second address: FCBA26 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD0A4B second address: FD0A64 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD13h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD0A64 second address: FD0A71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jp 00007FE4ECD4F272h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD0A71 second address: FD0A77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F95933 second address: F95939 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F95939 second address: F9593D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD5576 second address: FD557A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD557A second address: FD558A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD0Ah 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD558A second address: FD5595 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnp 00007FE4ECD4F266h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD5595 second address: FD559E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD4CD0 second address: FD4D1B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F275h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c js 00007FE4ECD4F28Fh 0x00000012 jmp 00007FE4ECD4F275h 0x00000017 jmp 00007FE4ECD4F274h 0x0000001c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD52D3 second address: FD52F9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jp 00007FE4ED52DD06h 0x0000000b jmp 00007FE4ED52DD10h 0x00000010 jnl 00007FE4ED52DD06h 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD52F9 second address: FD52FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD542B second address: FD542F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD5F3C second address: FD5F40 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD61F0 second address: FD61F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6359 second address: FD6363 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FE4ECD4F266h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6490 second address: FD649A instructions: 0x00000000 rdtsc 0x00000002 je 00007FE4ED52DD0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6A78 second address: FD6AB9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007FE4ECD4F274h 0x0000000b pop edx 0x0000000c xchg eax, ebx 0x0000000d xor di, 0FCCh 0x00000012 jmp 00007FE4ECD4F275h 0x00000017 push eax 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c jng 00007FE4ECD4F266h 0x00000022 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6AB9 second address: FD6ABF instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6D35 second address: FD6D49 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ECD4F270h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E0C second address: FD6E11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E11 second address: FD6E32 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FE4ECD4F26Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FE4ECD4F26Eh 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD701D second address: FD7023 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD7023 second address: FD702A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD800C second address: FD8010 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD80B9 second address: FD80BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD80BD second address: FD80C1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD8FAB second address: FD9012 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop ecx 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b push ecx 0x0000000c call 00007FE4ECD4F268h 0x00000011 pop ecx 0x00000012 mov dword ptr [esp+04h], ecx 0x00000016 add dword ptr [esp+04h], 00000017h 0x0000001e inc ecx 0x0000001f push ecx 0x00000020 ret 0x00000021 pop ecx 0x00000022 ret 0x00000023 push 00000000h 0x00000025 push 00000000h 0x00000027 push ebx 0x00000028 call 00007FE4ECD4F268h 0x0000002d pop ebx 0x0000002e mov dword ptr [esp+04h], ebx 0x00000032 add dword ptr [esp+04h], 00000017h 0x0000003a inc ebx 0x0000003b push ebx 0x0000003c ret 0x0000003d pop ebx 0x0000003e ret 0x0000003f mov edi, dword ptr [ebp+122D214Eh] 0x00000045 push 00000000h 0x00000047 cmc 0x00000048 push eax 0x00000049 js 00007FE4ECD4F27Eh 0x0000004f push eax 0x00000050 push edx 0x00000051 jmp 00007FE4ECD4F26Ch 0x00000056 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDA662 second address: FDA66C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jp 00007FE4ED52DD06h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDA414 second address: FDA41A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDA66C second address: FDA696 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD10h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FE4ED52DD11h 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDA41A second address: FDA423 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDA423 second address: FDA427 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDF4AB second address: FDF4D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 pushad 0x00000008 popad 0x00000009 popad 0x0000000a popad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jno 00007FE4ECD4F279h 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB7AE second address: FDB7DB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD18h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d jo 00007FE4ED52DD06h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 push ecx 0x00000019 pop ecx 0x0000001a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDF4D2 second address: FDF56F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push esi 0x00000006 pop esi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d ja 00007FE4ECD4F289h 0x00000013 push 00000000h 0x00000015 push 00000000h 0x00000017 push ebx 0x00000018 call 00007FE4ECD4F268h 0x0000001d pop ebx 0x0000001e mov dword ptr [esp+04h], ebx 0x00000022 add dword ptr [esp+04h], 0000001Ch 0x0000002a inc ebx 0x0000002b push ebx 0x0000002c ret 0x0000002d pop ebx 0x0000002e ret 0x0000002f and edi, 5FC1F87Ah 0x00000035 xchg eax, esi 0x00000036 pushad 0x00000037 pushad 0x00000038 push eax 0x00000039 pop eax 0x0000003a jnc 00007FE4ECD4F266h 0x00000040 popad 0x00000041 jmp 00007FE4ECD4F272h 0x00000046 popad 0x00000047 push eax 0x00000048 push eax 0x00000049 push edx 0x0000004a jmp 00007FE4ECD4F279h 0x0000004f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB7DB second address: FDB7DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2C2C second address: FE2C36 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FE4ECD4F266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2C36 second address: FE2CAF instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b mov ebx, dword ptr [ebp+122D35D1h] 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push ebx 0x00000016 call 00007FE4ED52DD08h 0x0000001b pop ebx 0x0000001c mov dword ptr [esp+04h], ebx 0x00000020 add dword ptr [esp+04h], 00000019h 0x00000028 inc ebx 0x00000029 push ebx 0x0000002a ret 0x0000002b pop ebx 0x0000002c ret 0x0000002d xor dword ptr [ebp+1245746Fh], ecx 0x00000033 mov di, 2806h 0x00000037 push 00000000h 0x00000039 push 00000000h 0x0000003b push ebp 0x0000003c call 00007FE4ED52DD08h 0x00000041 pop ebp 0x00000042 mov dword ptr [esp+04h], ebp 0x00000046 add dword ptr [esp+04h], 00000014h 0x0000004e inc ebp 0x0000004f push ebp 0x00000050 ret 0x00000051 pop ebp 0x00000052 ret 0x00000053 jng 00007FE4ED52DD10h 0x00000059 pushad 0x0000005a mov dword ptr [ebp+122D28E3h], edx 0x00000060 mov bl, dh 0x00000062 popad 0x00000063 push eax 0x00000064 pushad 0x00000065 jp 00007FE4ED52DD08h 0x0000006b pushad 0x0000006c popad 0x0000006d push eax 0x0000006e push eax 0x0000006f push edx 0x00000070 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE4CA7 second address: FE4CF3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F275h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c mov ebx, dword ptr [ebp+122D32BFh] 0x00000012 push 00000000h 0x00000014 call 00007FE4ECD4F26Fh 0x00000019 movsx ebx, ax 0x0000001c pop edi 0x0000001d mov dword ptr [ebp+122D3563h], eax 0x00000023 push 00000000h 0x00000025 mov di, si 0x00000028 xchg eax, esi 0x00000029 push ecx 0x0000002a jnl 00007FE4ECD4F26Ch 0x00000030 push eax 0x00000031 push edx 0x00000032 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE4CF3 second address: FE4D10 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FE4ED52DD15h 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5D3F second address: FE5D43 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5D43 second address: FE5D55 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jc 00007FE4ED52DD14h 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE7BAD second address: FE7BB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE7CF4 second address: FE7CFA instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE7CFA second address: FE7D04 instructions: 0x00000000 rdtsc 0x00000002 je 00007FE4ECD4F26Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE7D04 second address: FE7D1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jno 00007FE4ED52DD06h 0x00000010 jmp 00007FE4ED52DD0Ah 0x00000015 popad 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F907C3 second address: F907C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F907C9 second address: F907D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007FE4ED52DD06h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F907D5 second address: F907D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F907D9 second address: F90802 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD0Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FE4ED52DD10h 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F90802 second address: F90822 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FE4ECD4F266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FE4ECD4F276h 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE8BAC second address: FE8BC6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 jmp 00007FE4ED52DD0Ah 0x0000000d push eax 0x0000000e push edx 0x0000000f jbe 00007FE4ED52DD06h 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE8BC6 second address: FE8BCA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE8BCA second address: FE8C4B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 mov bh, 9Dh 0x0000000a push dword ptr fs:[00000000h] 0x00000011 movzx edi, di 0x00000014 mov dword ptr fs:[00000000h], esp 0x0000001b pushad 0x0000001c mov edi, dword ptr [ebp+122D22B2h] 0x00000022 popad 0x00000023 mov eax, dword ptr [ebp+122D14A1h] 0x00000029 push 00000000h 0x0000002b push ebx 0x0000002c call 00007FE4ED52DD08h 0x00000031 pop ebx 0x00000032 mov dword ptr [esp+04h], ebx 0x00000036 add dword ptr [esp+04h], 0000001Dh 0x0000003e inc ebx 0x0000003f push ebx 0x00000040 ret 0x00000041 pop ebx 0x00000042 ret 0x00000043 sub dword ptr [ebp+122D1DBFh], esi 0x00000049 mov dword ptr [ebp+122D370Eh], eax 0x0000004f push FFFFFFFFh 0x00000051 sbb bx, 0D66h 0x00000056 push eax 0x00000057 pushad 0x00000058 push esi 0x00000059 jmp 00007FE4ED52DD18h 0x0000005e pop esi 0x0000005f push eax 0x00000060 push edx 0x00000061 pushad 0x00000062 popad 0x00000063 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEC3B4 second address: FEC3D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F26Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d jnp 00007FE4ECD4F266h 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED2EA second address: FED307 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD15h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE175 second address: FEE185 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F26Bh 0x00000009 popad 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED307 second address: FED30B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE185 second address: FEE226 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F26Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 nop 0x0000000a mov edi, dword ptr [ebp+122D2BB2h] 0x00000010 push 00000000h 0x00000012 push 00000000h 0x00000014 push ebp 0x00000015 call 00007FE4ECD4F268h 0x0000001a pop ebp 0x0000001b mov dword ptr [esp+04h], ebp 0x0000001f add dword ptr [esp+04h], 00000018h 0x00000027 inc ebp 0x00000028 push ebp 0x00000029 ret 0x0000002a pop ebp 0x0000002b ret 0x0000002c call 00007FE4ECD4F275h 0x00000031 mov ebx, dword ptr [ebp+122D2C2Eh] 0x00000037 pop ebx 0x00000038 push 00000000h 0x0000003a push 00000000h 0x0000003c push ebp 0x0000003d call 00007FE4ECD4F268h 0x00000042 pop ebp 0x00000043 mov dword ptr [esp+04h], ebp 0x00000047 add dword ptr [esp+04h], 0000001Dh 0x0000004f inc ebp 0x00000050 push ebp 0x00000051 ret 0x00000052 pop ebp 0x00000053 ret 0x00000054 xchg eax, esi 0x00000055 je 00007FE4ECD4F27Eh 0x0000005b jmp 00007FE4ECD4F278h 0x00000060 push eax 0x00000061 push eax 0x00000062 push edx 0x00000063 push eax 0x00000064 push edx 0x00000065 push eax 0x00000066 push edx 0x00000067 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE226 second address: FEE22A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED30B second address: FED349 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 nop 0x00000008 mov ebx, dword ptr [ebp+12460909h] 0x0000000e push dword ptr fs:[00000000h] 0x00000015 movsx edi, dx 0x00000018 mov dword ptr fs:[00000000h], esp 0x0000001f and ebx, 0535883Dh 0x00000025 mov eax, dword ptr [ebp+122D034Dh] 0x0000002b xor ebx, dword ptr [ebp+122D2DAAh] 0x00000031 push FFFFFFFFh 0x00000033 mov ebx, 7D926941h 0x00000038 nop 0x00000039 pushad 0x0000003a push eax 0x0000003b push edx 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED349 second address: FED34D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE22A second address: FEE22E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED34D second address: FED35F instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FE4ED52DD06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c js 00007FE4ED52DD06h 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE22E second address: FEE234 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED35F second address: FED36C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED36C second address: FED370 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FEE3B6 second address: FEE3BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF02C2 second address: FF02C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF02C6 second address: FF02CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF02CA second address: FF02F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edi 0x00000008 pop edi 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c popad 0x0000000d push eax 0x0000000e pushad 0x0000000f push edi 0x00000010 jmp 00007FE4ECD4F272h 0x00000015 pop edi 0x00000016 pushad 0x00000017 jc 00007FE4ECD4F266h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF0570 second address: FF0574 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF0574 second address: FF057A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1415 second address: FF1429 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FE4ED52DD06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 push edx 0x00000012 pop edx 0x00000013 popad 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1429 second address: FF143E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FE4ECD4F270h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8D1B5 second address: F8D1B9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8D1B9 second address: F8D1BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8D1BF second address: F8D1C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8D1C8 second address: F8D1CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8D1CE second address: F8D1D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA283 second address: FFA288 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA288 second address: FFA28D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA28D second address: FFA2AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F273h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e je 00007FE4ECD4F266h 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA3E4 second address: FFA3EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA3EA second address: FFA434 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 jmp 00007FE4ECD4F277h 0x0000000a pushad 0x0000000b jnc 00007FE4ECD4F266h 0x00000011 pushad 0x00000012 popad 0x00000013 jmp 00007FE4ECD4F26Eh 0x00000018 popad 0x00000019 jmp 00007FE4ECD4F26Bh 0x0000001e popad 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 jl 00007FE4ECD4F266h 0x00000029 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFA434 second address: FFA448 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jnc 00007FE4ED52DD0Ch 0x0000000e jng 00007FE4ED52DD06h 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE4DE second address: FFE4E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE4E3 second address: FFE4E8 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE4E8 second address: FFE52A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jmp 00007FE4ECD4F26Fh 0x00000010 mov eax, dword ptr [eax] 0x00000012 jnl 00007FE4ECD4F278h 0x00000018 mov dword ptr [esp+04h], eax 0x0000001c push eax 0x0000001d push edx 0x0000001e jg 00007FE4ECD4F268h 0x00000024 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE52A second address: FFE530 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE530 second address: FFE534 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE534 second address: FFE538 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE5B1 second address: FFE5B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE5B7 second address: FFE5BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE6AB second address: FFE6C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ECD4F276h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE6C5 second address: FFE6F2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD0Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov eax, dword ptr [eax] 0x0000000d push esi 0x0000000e ja 00007FE4ED52DD0Ch 0x00000014 je 00007FE4ED52DD06h 0x0000001a pop esi 0x0000001b mov dword ptr [esp+04h], eax 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE6F2 second address: FFE6F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE6F8 second address: FFE6FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE6FD second address: FFE702 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10046B3 second address: 10046B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10046B7 second address: 10046DE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a ja 00007FE4ECD4F266h 0x00000010 jmp 00007FE4ECD4F277h 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10046DE second address: 10046F8 instructions: 0x00000000 rdtsc 0x00000002 je 00007FE4ED52DD06h 0x00000008 push edx 0x00000009 pop edx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FE4ED52DD0Ch 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10046F8 second address: 10046FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1004D84 second address: 1004D8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1004D8E second address: 1004D9A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1005078 second address: 100507C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100507C second address: 1005089 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 pushad 0x00000008 popad 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1005089 second address: 100508E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100508E second address: 1005093 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10097EF second address: 100981E instructions: 0x00000000 rdtsc 0x00000002 jng 00007FE4ED52DD06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007FE4ED52DD0Eh 0x00000010 jnp 00007FE4ED52DD06h 0x00000016 jnc 00007FE4ED52DD06h 0x0000001c popad 0x0000001d pushad 0x0000001e jne 00007FE4ED52DD06h 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100DB19 second address: 100DB1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100DB1D second address: 100DB27 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100DB27 second address: 100DB35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F26Ah 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDD53B second address: FDD53F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDD53F second address: FDD544 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDD75B second address: FDD761 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDD761 second address: FDD76B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jg 00007FE4ECD4F266h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDB98 second address: FDDB9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDB9C second address: FDDBB1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jnl 00007FE4ECD4F268h 0x00000013 push edi 0x00000014 pop edi 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDBB1 second address: FDDC12 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 push 00000000h 0x0000000b push ebx 0x0000000c call 00007FE4ED52DD08h 0x00000011 pop ebx 0x00000012 mov dword ptr [esp+04h], ebx 0x00000016 add dword ptr [esp+04h], 00000018h 0x0000001e inc ebx 0x0000001f push ebx 0x00000020 ret 0x00000021 pop ebx 0x00000022 ret 0x00000023 stc 0x00000024 call 00007FE4ED52DD09h 0x00000029 pushad 0x0000002a jne 00007FE4ED52DD11h 0x00000030 jne 00007FE4ED52DD0Ch 0x00000036 popad 0x00000037 push eax 0x00000038 push eax 0x00000039 push edx 0x0000003a jne 00007FE4ED52DD0Ch 0x00000040 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDC12 second address: FDDC3F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jnp 00007FE4ECD4F266h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov eax, dword ptr [esp+04h] 0x00000012 pushad 0x00000013 jnl 00007FE4ECD4F268h 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007FE4ECD4F270h 0x00000020 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDDFF second address: FDDE26 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD11h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jnc 00007FE4ED52DD08h 0x0000000f popad 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push esi 0x00000015 pop esi 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDE26 second address: FDDE61 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F274h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a or di, 5BF3h 0x0000000f push eax 0x00000010 pushad 0x00000011 jng 00007FE4ECD4F277h 0x00000017 jmp 00007FE4ECD4F271h 0x0000001c push eax 0x0000001d push edx 0x0000001e push edx 0x0000001f pop edx 0x00000020 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDE61 second address: FDDE65 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDF6C second address: FDDF72 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDDF72 second address: FDDFB5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007FE4ED52DD06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 jp 00007FE4ED52DD27h 0x00000016 pushad 0x00000017 jns 00007FE4ED52DD06h 0x0000001d jmp 00007FE4ED52DD19h 0x00000022 popad 0x00000023 mov eax, dword ptr [eax] 0x00000025 jo 00007FE4ED52DD10h 0x0000002b push eax 0x0000002c push edx 0x0000002d push edi 0x0000002e pop edi 0x0000002f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE0A3 second address: FDE0B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a pushad 0x0000000b popad 0x0000000c pop ebx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE0B0 second address: FDE0B6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE0B6 second address: FDE0BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE64F second address: FDE655 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE655 second address: FDE686 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 jmp 00007FE4ECD4F275h 0x0000000c nop 0x0000000d xor dx, 460Ah 0x00000012 push 0000001Eh 0x00000014 mov edx, dword ptr [ebp+122D2CCAh] 0x0000001a nop 0x0000001b push eax 0x0000001c push edx 0x0000001d push edx 0x0000001e push ebx 0x0000001f pop ebx 0x00000020 pop edx 0x00000021 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100CDF0 second address: 100CDF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100CDF4 second address: 100CE03 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FE4ECD4F266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100CE03 second address: 100CE09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100CE09 second address: 100CE0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D399 second address: 100D3B5 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FE4ED52DD06h 0x00000008 jc 00007FE4ED52DD06h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 jp 00007FE4ED52DD0Ch 0x00000016 jns 00007FE4ED52DD06h 0x0000001c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D3B5 second address: 100D3BD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D3BD second address: 100D3E4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD0Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FE4ED52DD12h 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D3E4 second address: 100D410 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FE4ECD4F276h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FE4ECD4F26Eh 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D410 second address: 100D414 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D574 second address: 100D57A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D57A second address: 100D59E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FE4ED52DD13h 0x0000000e je 00007FE4ED52DD12h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D59E second address: 100D5A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FE4ECD4F266h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D700 second address: 100D706 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100D706 second address: 100D70B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1011FBE second address: 1011FC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FE4ED52DD06h 0x0000000a pop edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1011FC9 second address: 1011FCE instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10122B9 second address: 10122C5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jnp 00007FE4ED52DD06h 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10122C5 second address: 10122C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10122C9 second address: 10122CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10122CF second address: 10122D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10127D6 second address: 10127DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012AF2 second address: 1012AF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012AF9 second address: 1012B02 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012B02 second address: 1012B1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F274h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012B1A second address: 1012B1E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012DA7 second address: 1012DCF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FE4ECD4F277h 0x0000000e push ebx 0x0000000f jnp 00007FE4ECD4F266h 0x00000015 pop ebx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1012DCF second address: 1012DDB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007FE4ED52DD06h 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10131A9 second address: 10131BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007FE4ECD4F266h 0x0000000a jmp 00007FE4ECD4F26Ch 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10189C3 second address: 10189E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD17h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10189E0 second address: 1018A01 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FE4ECD4F266h 0x0000000a popad 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e pushad 0x0000000f popad 0x00000010 jnp 00007FE4ECD4F266h 0x00000016 popad 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a popad 0x0000001b jo 00007FE4ECD4F266h 0x00000021 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017A0E second address: 1017A13 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017A13 second address: 1017A1C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017A1C second address: 1017A4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FE4ED52DD19h 0x0000000c jmp 00007FE4ED52DD12h 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017CF3 second address: 1017D19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FE4ECD4F279h 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f pop eax 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017D19 second address: 1017D1F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E45 second address: 1017E4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E4E second address: 1017E5F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ED52DD0Dh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E5F second address: 1017E63 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E63 second address: 1017E79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jbe 00007FE4ED52DD08h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push edi 0x00000013 pop edi 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E79 second address: 1017E7D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017E7D second address: 1017E83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101749A second address: 101749E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101749E second address: 10174B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jmp 00007FE4ED52DD0Ah 0x0000000c ja 00007FE4ED52DD06h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101869A second address: 10186BA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F277h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10186BA second address: 10186BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10186BE second address: 10186C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1612 second address: FA1618 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101EB4E second address: 101EB66 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F26Fh 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101EB66 second address: 101EB70 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jns 00007FE4ED52DD06h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 101EB70 second address: 101EB98 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 jc 00007FE4ECD4F286h 0x0000000d pushad 0x0000000e push esi 0x0000000f pop esi 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 jmp 00007FE4ECD4F274h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020E4F second address: 1020E53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020E53 second address: 1020E57 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020E57 second address: 1020E72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD0Dh 0x00000009 pop edx 0x0000000a pop eax 0x0000000b ja 00007FE4ED52DD12h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020B17 second address: 1020B20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push esi 0x00000007 pop esi 0x00000008 popad 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020B20 second address: 1020B3C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD11h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1020B3C second address: 1020B46 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B32 second address: 1025B47 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD11h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B47 second address: 1025B4B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B4B second address: 1025B51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B51 second address: 1025B70 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007FE4ECD4F279h 0x00000008 jmp 00007FE4ECD4F273h 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B70 second address: 1025B74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B74 second address: 1025B81 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1025B81 second address: 1025B87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1026127 second address: 102612B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102612B second address: 102612F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10262A7 second address: 10262AE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10262AE second address: 10262B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10262B6 second address: 10262C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FE4ECD4F266h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102A61A second address: 102A61E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102A61E second address: 102A63A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jne 00007FE4ECD4F266h 0x0000000f jmp 00007FE4ECD4F26Ah 0x00000014 push esi 0x00000015 pop esi 0x00000016 popad 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102A63A second address: 102A64B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ED52DD0Dh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102AB01 second address: 102AB11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FE4ECD4F26Ch 0x0000000a jl 00007FE4ECD4F266h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102AC98 second address: 102AC9E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE434 second address: FDE438 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE500 second address: FDE518 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD10h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE518 second address: FDE51C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE51C second address: FDE520 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102AF91 second address: 102AF97 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102AF97 second address: 102AFA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102ED05 second address: 102ED0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102ED0B second address: 102ED41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD16h 0x00000009 push edi 0x0000000a pop edi 0x0000000b popad 0x0000000c jmp 00007FE4ED52DD0Bh 0x00000011 push edx 0x00000012 push esi 0x00000013 pop esi 0x00000014 pop edx 0x00000015 push eax 0x00000016 push edx 0x00000017 pushad 0x00000018 popad 0x00000019 jns 00007FE4ED52DD06h 0x0000001f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102ED41 second address: 102ED67 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jns 00007FE4ECD4F266h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FE4ECD4F276h 0x00000015 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102E66F second address: 102E673 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102E673 second address: 102E69C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F271h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push ecx 0x0000000d pop ecx 0x0000000e js 00007FE4ECD4F266h 0x00000014 jng 00007FE4ECD4F266h 0x0000001a pushad 0x0000001b popad 0x0000001c popad 0x0000001d rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102E69C second address: 102E6A3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1035C31 second address: 1035C35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1034286 second address: 103428C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103428C second address: 1034292 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1034292 second address: 10342AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FE4ED52DD06h 0x0000000a popad 0x0000000b push edx 0x0000000c jmp 00007FE4ED52DD0Ch 0x00000011 pop edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10342AB second address: 10342B0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10342B0 second address: 10342BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jp 00007FE4ED52DD06h 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10342BF second address: 10342C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10342C3 second address: 10342C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10342C9 second address: 10342EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FE4ECD4F276h 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1034844 second address: 103484A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103534A second address: 103536D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jnl 00007FE4ECD4F266h 0x0000000c popad 0x0000000d jmp 00007FE4ECD4F276h 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103536D second address: 1035379 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 je 00007FE4ED52DD06h 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1035379 second address: 103537D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103537D second address: 1035383 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1035383 second address: 1035391 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 je 00007FE4ECD4F266h 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103EA60 second address: 103EA74 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007FE4ED52DD06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push esi 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pop esi 0x00000010 push edi 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103EA74 second address: 103EA80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FE4ECD4F266h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103DCCC second address: 103DCD0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E4D8 second address: 103E4DF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E65D second address: 103E677 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007FE4ED52DD14h 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E677 second address: 103E67B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E67B second address: 103E689 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 je 00007FE4ED52DD06h 0x0000000e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E689 second address: 103E68D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104997D second address: 10499A1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ED52DD16h 0x00000009 push eax 0x0000000a push edx 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d jnc 00007FE4ED52DD06h 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10499A1 second address: 10499AB instructions: 0x00000000 rdtsc 0x00000002 jl 00007FE4ECD4F266h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10499AB second address: 10499CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FE4ED52DD0Ch 0x0000000e jmp 00007FE4ED52DD0Dh 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1047B72 second address: 1047B9D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F276h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 ja 00007FE4ECD4F26Eh 0x0000000f push edi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1047B9D second address: 1047BB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FE4ED52DD06h 0x0000000a pop edi 0x0000000b popad 0x0000000c push ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f jng 00007FE4ED52DD06h 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1047CF4 second address: 1047CFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1048682 second address: 1048693 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 jmp 00007FE4ED52DD0Ah 0x0000000b pop ecx 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10487E6 second address: 10487EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10487EA second address: 10487F4 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FE4ED52DD0Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10497CC second address: 10497D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10497D2 second address: 10497D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10497D7 second address: 10497DE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10497DE second address: 104980C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FE4ED52DD06h 0x0000000a popad 0x0000000b je 00007FE4ED52DD19h 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 push edx 0x00000016 pushad 0x00000017 popad 0x00000018 pushad 0x00000019 popad 0x0000001a pop edx 0x0000001b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104980C second address: 1049811 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1049811 second address: 1049817 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1047705 second address: 1047723 instructions: 0x00000000 rdtsc 0x00000002 js 00007FE4ECD4F266h 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop edi 0x0000000d pushad 0x0000000e jng 00007FE4ECD4F268h 0x00000014 push eax 0x00000015 push edx 0x00000016 jnc 00007FE4ECD4F266h 0x0000001c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1047723 second address: 104772C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104FBCB second address: 104FBD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 105DA89 second address: 105DA8F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 105DA8F second address: 105DA95 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1060034 second address: 106003B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edi 0x00000007 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106003B second address: 1060040 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10635DA second address: 10635DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106810A second address: 106810E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106810E second address: 1068112 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1068112 second address: 1068118 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106BF93 second address: 106BF97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106BF97 second address: 106BF9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106E09F second address: 106E0B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD11h 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106DEC7 second address: 106DECB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106DECB second address: 106DECF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106DECF second address: 106DF03 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FE4ECD4F276h 0x0000000d popad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FE4ECD4F26Ch 0x00000016 jnc 00007FE4ECD4F266h 0x0000001c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106DF03 second address: 106DF1E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FE4ED52DD11h 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106DF1E second address: 106DF22 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1078B26 second address: 1078B37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b jnl 00007FE4ED52DD06h 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1078C8D second address: 1078C91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1079333 second address: 107933F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jnc 00007FE4ED52DD06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107933F second address: 107935D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FE4ECD4F271h 0x00000008 push edi 0x00000009 pop edi 0x0000000a jc 00007FE4ECD4F266h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1080001 second address: 1080012 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jl 00007FE4ED52DD0Ch 0x0000000b jl 00007FE4ED52DD06h 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1080012 second address: 1080018 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107FBD7 second address: 107FBDD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107FD28 second address: 107FD2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10816DC second address: 10816E8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 jno 00007FE4ED52DD06h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1082D30 second address: 1082D3F instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FE4ECD4F266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1082D3F second address: 1082D59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jns 00007FE4ED52DD08h 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e pushad 0x0000000f popad 0x00000010 jnp 00007FE4ED52DD06h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109CE73 second address: 109CE77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109CE77 second address: 109CE97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pop edx 0x0000000b jbe 00007FE4ED52DD06h 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FE4ED52DD0Ch 0x00000019 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109CE97 second address: 109CE9D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109CE9D second address: 109CEB9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD18h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 109E972 second address: 109E97C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B8839 second address: 10B8858 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD19h 0x00000007 push eax 0x00000008 push edx 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B8A05 second address: 10B8A0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007FE4ECD4F266h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B8C7A second address: 10B8C8A instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jl 00007FE4ED52DD06h 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B8C8A second address: 10B8CAF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F277h 0x00000007 jno 00007FE4ECD4F266h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B8CAF second address: 10B8CB3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B9103 second address: 10B9122 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F274h 0x00000009 ja 00007FE4ECD4F266h 0x0000000f popad 0x00000010 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B9122 second address: 10B9137 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ED52DD11h 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B9656 second address: 10B965B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10B965B second address: 10B9693 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD15h 0x00000007 jmp 00007FE4ED52DD11h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push esi 0x0000000f pushad 0x00000010 jl 00007FE4ED52DD06h 0x00000016 pushad 0x00000017 popad 0x00000018 pushad 0x00000019 popad 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BB057 second address: 10BB061 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007FE4ECD4F266h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BB061 second address: 10BB065 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BB065 second address: 10BB06B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BB06B second address: 10BB095 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ED52DD11h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jl 00007FE4ED52DD0Ch 0x00000011 jnc 00007FE4ED52DD06h 0x00000017 pushad 0x00000018 pushad 0x00000019 popad 0x0000001a pushad 0x0000001b popad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BB095 second address: 10BB09A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C462 second address: F9C468 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C468 second address: F9C47E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007FE4ECD4F266h 0x0000000a popad 0x0000000b pushad 0x0000000c push edx 0x0000000d pop edx 0x0000000e jp 00007FE4ECD4F266h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C47E second address: F9C489 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9C489 second address: F9C4CD instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FE4ECD4F273h 0x00000010 ja 00007FE4ECD4F286h 0x00000016 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BF079 second address: 10BF09C instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jmp 00007FE4ED52DD16h 0x00000008 pop edx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 pop edx 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BF302 second address: 10BF30C instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FE4ECD4F266h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10BF505 second address: 10BF50F instructions: 0x00000000 rdtsc 0x00000002 jng 00007FE4ED52DD06h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C0712 second address: 10C0729 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F271h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C0729 second address: 10C0732 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push esi 0x00000008 pop esi 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C2267 second address: 10C2283 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FE4ECD4F276h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C2283 second address: 10C22BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jno 00007FE4ED52DD1Ah 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FE4ED52DD16h 0x00000012 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C22BA second address: 10C22BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C22BE second address: 10C22DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jmp 00007FE4ED52DD12h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10C22DC second address: 10C22E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5170CE2 second address: 5170D6E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov dl, ch 0x00000005 pushfd 0x00000006 jmp 00007FE4ED52DD11h 0x0000000b xor si, 5AA6h 0x00000010 jmp 00007FE4ED52DD11h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov ecx, dword ptr [eax+00000FDCh] 0x0000001f pushad 0x00000020 mov dx, ax 0x00000023 jmp 00007FE4ED52DD18h 0x00000028 popad 0x00000029 test ecx, ecx 0x0000002b jmp 00007FE4ED52DD10h 0x00000030 jns 00007FE4ED52DD4Dh 0x00000036 jmp 00007FE4ED52DD10h 0x0000003b add eax, ecx 0x0000003d push eax 0x0000003e push edx 0x0000003f push eax 0x00000040 push edx 0x00000041 jmp 00007FE4ED52DD0Ah 0x00000046 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5170D6E second address: 5170D72 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5170D72 second address: 5170D78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5170D78 second address: 5170D89 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FE4ECD4F26Dh 0x00000009 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5170D89 second address: 5170D8D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD8C24 second address: FD8C49 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FE4ECD4F276h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push ebx 0x0000000d jng 00007FE4ECD4F266h 0x00000013 pop ebx 0x00000014 rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD8C49 second address: FD8C53 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FE4ED52DD06h 0x0000000a rdtsc
    Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD8C53 second address: FD8C57 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
    Tries to evade debugger and weak emulator (self modifying code)
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: E23BDD instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: E23CBD instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: FCB80F instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: FDD6DA instructions caused by: Self-modifying code
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\file.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
    Source: C:\Users\user\Desktop\file.exe TID: 5012Thread sleep time: -90000s >= -30000sJump to behavior
    Source: C:\Users\user\Desktop\file.exe TID: 5012Thread sleep time: -30000s >= -30000sJump to behavior
    Source: file.exe, file.exe, 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
    Source: file.exe, 00000001.00000002.2238156506.000000000140E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWX
    Source: file.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
    Source: file.exe, 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
    Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

    Anti Debugging

    barindex
    Hides threads from debuggers
    Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
    Tries to detect sandboxes and other dynamic analysis tools (window names)
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: regmonclass
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: gbdyllo
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: procmon_window_class
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: ollydbg
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: filemonclass
    Source: C:\Users\user\Desktop\file.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
    Source: C:\Users\user\Desktop\file.exeFile opened: NTICE
    Source: C:\Users\user\Desktop\file.exeFile opened: SICE
    Source: C:\Users\user\Desktop\file.exeFile opened: SIWVID
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
    Source: C:\Users\user\Desktop\file.exeCode function: 1_2_00E05BB0 LdrInitializeThunk,1_2_00E05BB0

    HIPS / PFW / Operating System Protection Evasion

    barindex
    LummaC encrypted strings found
    Source: file.exeString found in binary or memory: licendfilteo.site
    Source: file.exeString found in binary or memory: clearancek.site
    Source: file.exeString found in binary or memory: bathdoomgaz.store
    Source: file.exeString found in binary or memory: spirittunek.store
    Source: file.exeString found in binary or memory: dissapoiznw.store
    Source: file.exeString found in binary or memory: studennotediw.store
    Source: file.exeString found in binary or memory: mobbipenju.store
    Source: file.exeString found in binary or memory: eaglepawnoy.store
    Source: file.exe, 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: d?Program Manager
    Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

    Stealing of Sensitive Information

    barindex
    Yara detected LummaC Stealer
    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR

    Remote Access Functionality

    barindex
    Yara detected LummaC Stealer
    Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
    PowerShell    		1
    DLL Side-Loading    		1
    Process Injection    		24
    Virtualization/Sandbox Evasion    		OS Credential Dumping631
    Security Software Discovery    		Remote Services1
    Archive Collected Data    		11
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
    DLL Side-Loading    		1
    Process Injection    		LSASS Memory24
    Virtualization/Sandbox Evasion    		Remote Desktop ProtocolData from Removable Media1
    Ingress Tool Transfer    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)11
    Deobfuscate/Decode Files or Information    		Security Account Manager2
    Process Discovery    		SMB/Windows Admin SharesData from Network Shared Drive2
    Non-Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook4
    Obfuscated Files or Information    		NTDS23
    System Information Discovery    		Distributed Component Object ModelInput Capture113
    Application Layer Protocol    		Traffic DuplicationData Destruction
    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script12
    Software Packing    		LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
    DLL Side-Loading    		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    file.exe100%AviraTR/Crypt.TPM.Gen
    file.exe100%Joe Sandbox ML

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    No Antivirus matches

    URLs

    SourceDetectionScannerLabelLink
    https://player.vimeo.com0%URL Reputationsafe
    https://store.steampowered.com/subscriber_agreement/0%URL Reputationsafe
    https://www.gstatic.cn/recaptcha/0%URL Reputationsafe
    http://www.valvesoftware.com/legal.htm0%URL Reputationsafe
    https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback0%URL Reputationsafe
    https://steam.tv/0%URL Reputationsafe
    http://store.steampowered.com/privacy_agreement/0%URL Reputationsafe
    https://steamcommunity.com:443/profiles/76561199724331900100%URL Reputationmalware
    https://store.steampowered.com/points/shop/0%URL Reputationsafe
    https://lv.queniujq.cn0%URL Reputationsafe
    https://store.steampowered.com/privacy_agreement/0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=9620160%URL Reputationsafe
    https://checkout.steampowered.com/0%URL Reputationsafe
    https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png0%URL Reputationsafe
    https://store.steampowered.com/;0%URL Reputationsafe
    https://store.steampowered.com/about/0%URL Reputationsafe
    https://help.steampowered.com/en/0%URL Reputationsafe
    https://store.steampowered.com/news/0%URL Reputationsafe
    http://store.steampowered.com/subscriber_agreement/0%URL Reputationsafe
    https://recaptcha.net/recaptcha/;0%URL Reputationsafe
    https://store.steampowered.com/stats/0%URL Reputationsafe
    https://medal.tv0%URL Reputationsafe
    https://broadcast.st.dl.eccdnx.com0%URL Reputationsafe
    https://store.steampowered.com/steam_refunds/0%URL Reputationsafe
    https://login.steampowered.com/0%URL Reputationsafe
    https://store.steampowered.com/legal/0%URL Reputationsafe
    https://recaptcha.net0%URL Reputationsafe
    https://store.steampowered.com/0%URL Reputationsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    steamcommunity.com
    		104.102.49.254
    		truetrue
      		unknown
      eaglepawnoy.store
      		unknown
      		unknowntrue
        		unknown
        bathdoomgaz.store
        		unknown
        		unknowntrue
          		unknown
          spirittunek.store
          		unknown
          		unknowntrue
            		unknown
            licendfilteo.site
            		unknown
            		unknowntrue
              		unknown
              studennotediw.store
              		unknown
              		unknowntrue
                		unknown
                mobbipenju.store
                		unknown
                		unknowntrue
                  		unknown
                  sergei-esenin.com
                  		unknown
                  		unknownfalse
                    		unknown
                    clearancek.site
                    		unknown
                    		unknowntrue
                      		unknown
                      dissapoiznw.store
                      		unknown
                      		unknowntrue
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        studennotediw.storetrue
                          		unknown
                          dissapoiznw.storetrue
                            		unknown
                            https://steamcommunity.com/profiles/76561199724331900true
                              		unknown
                              eaglepawnoy.storetrue
                                		unknown
                                bathdoomgaz.storetrue
                                  		unknown
                                  clearancek.sitetrue
                                    		unknown
                                    spirittunek.storetrue
                                      		unknown
                                      licendfilteo.sitetrue
                                        		unknown

                                        URLs from Memory and Binaries

                                        NameSourceMaliciousAntivirus DetectionReputation
                                        https://player.vimeo.comfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                        • URL Reputation: safe
                                        		unknown
                                        https://steamcommunity.com/?subsection=broadcastsfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://eaglepawnoy.store:443/apiyfile.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		unknown
                                            https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcVfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		unknown
                                              https://sergei-esenin.com/file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		unknown
                                                https://store.steampowered.com/subscriber_agreement/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://www.gstatic.cn/recaptcha/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://community.cloudflare.steamstatic.com/public/javascript/modalContent.js?v=UuGFpt56D9L4&amp;l=file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  https://community.cloudflare.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&amp;l=englifile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		unknown
                                                    https://community.cloudflare.steamstatic.com/public/javascript/promo/stickers.js?v=GfA42_x2_aub&amp;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		unknown
                                                      https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        http://www.valvesoftware.com/legal.htmfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://www.youtube.comfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		unknown
                                                          https://www.google.comfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		unknown
                                                            https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedbackfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            • URL Reputation: safe
                                                            		unknown
                                                            https://s.ytimg.com;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		unknown
                                                              https://steam.tv/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              • URL Reputation: safe
                                                              		unknown
                                                              https://steamcommunity.com/profiles/76561199724331900rfile.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		unknown
                                                                https://licendfilteo.site:443/apifile.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		unknown
                                                                  https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=W9BXfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&amp;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      http://store.steampowered.com/privacy_agreement/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • URL Reputation: safe
                                                                      		unknown
                                                                      https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        https://steamcommunity.com:443/profiles/76561199724331900file.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmptrue
                                                                        • URL Reputation: malware
                                                                        		unknown
                                                                        https://store.steampowered.com/points/shop/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        		unknown
                                                                        https://community.cloudflare.steamstatic.com/public/css/promo/summer2017/stickers.css?v=bZKSp7oNwVPKfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          https://community.cloudflare.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&ampfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            https://community.cloudflare.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1&amp;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              https://sketchfab.comfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://lv.queniujq.cnfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                • URL Reputation: safe
                                                                                		unknown
                                                                                https://steamcommunity.com/profiles/76561199724331900/inventory/file.exe, 00000001.00000002.2238576561.00000000014DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://www.youtube.com/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    https://store.steampowered.com/privacy_agreement/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://sergei-esenin.com/tfile.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		unknown
                                                                                      https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        https://community.cloudflare.steamstatic.com/public/javascript/webui/clientcom.js?v=qYlgdgWOD4Ng&ampfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		unknown
                                                                                          https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.pngfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          https://sergei-esenin.com:443/apifile.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            • URL Reputation: safe
                                                                                            		unknown
                                                                                            https://www.google.com/recaptcha/file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://checkout.steampowered.com/file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • URL Reputation: safe
                                                                                              		unknown
                                                                                              https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28bfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.pngfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                • URL Reputation: safe
                                                                                                		unknown
                                                                                                https://store.steampowered.com/;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                • URL Reputation: safe
                                                                                                		unknown
                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/profile.js?v=KkhJqW2NGKiM&amp;l=englifile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://store.steampowered.com/about/file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  • URL Reputation: safe
                                                                                                  		unknown
                                                                                                  https://community.cloudflare.steamstatic.com/file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://steamcommunity.com/my/wishlist/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://sergei-esenin.com/Kfile.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        https://steamcommunity.com/2file.exe, 00000001.00000003.2236374585.0000000001466000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001466000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://avatars.cloudflare.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://help.steampowered.com/en/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              https://steamcommunity.com/market/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                https://store.steampowered.com/news/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown
                                                                                                                http://store.steampowered.com/subscriber_agreement/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                • URL Reputation: safe
                                                                                                                		unknown
                                                                                                                https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.orgfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238156506.0000000001446000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=ljhW-PbGuXfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      https://recaptcha.net/recaptcha/;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://dissapoiznw.store:443/apifile.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://steamcommunity.com/discussions/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          https://sergei-esenin.com/apiAfile.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            https://steamcommunity.com/Lfile.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://store.steampowered.com/stats/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              • URL Reputation: safe
                                                                                                                              		unknown
                                                                                                                              https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&amp;l=englisfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://medal.tvfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                • URL Reputation: safe
                                                                                                                                		unknown
                                                                                                                                https://broadcast.st.dl.eccdnx.comfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                • URL Reputation: safe
                                                                                                                                		unknown
                                                                                                                                https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&ampfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		unknown
                                                                                                                                  https://store.steampowered.com/steam_refunds/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  • URL Reputation: safe
                                                                                                                                  		unknown
                                                                                                                                  https://community.cloudflare.steamstatic.com/public/images/skin_1/arrowDn9x5.giffile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    		unknown
                                                                                                                                    https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?vfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      https://sergei-esenin.com/apiKfile.exe, 00000001.00000003.2236484730.000000000148A000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238427249.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.pfile.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          		unknown
                                                                                                                                          https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		unknown
                                                                                                                                            https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              https://steamcommunity.com/workshop/file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://login.steampowered.com/file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                • URL Reputation: safe
                                                                                                                                                		unknown
                                                                                                                                                https://store.steampowered.com/legal/file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                • URL Reputation: safe
                                                                                                                                                		unknown
                                                                                                                                                https://community.cloudflare.steamstatic.com/public/css/file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&amp;l=englfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&amp;l=file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      https://community.cloudflare.steamstatic.com/public/css/skin_1/profilev2.css?v=gNE3gksLVEVa&amp;l=enfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        		unknown
                                                                                                                                                        https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&amp;l=english&amfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&amp;l=englifile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            https://recaptcha.netfile.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://store.steampowered.com/file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://clearancek.site:443/apiXfile.exe, 00000001.00000003.2236374585.0000000001450000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238292713.0000000001450000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Ff_1prscqzeu&amp;file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000002.2238516839.00000000014D5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C42cb6563c5fec81file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  http://127.0.0.1:27060file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236141261.000000000148A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1file.exe, 00000001.00000002.2238576561.00000000014DD000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014C4000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236082790.00000000014CC000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236374585.0000000001449000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236125682.00000000014D6000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000001.00000003.2236323974.00000000014CC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      		unknown

                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                      Public IPs

                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                      104.102.49.254
                                                                                                                                                                      		steamcommunity.comUnited States
                                                                                                                                                                      		16625AKAMAI-ASUStrue

                                                                                                                                                                      General Information

                                                                                                                                                                      Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                      Analysis ID:1542410
                                                                                                                                                                      Start date and time:2024-10-25 21:51:08 +02:00
                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                      Overall analysis duration:0h 2m 50s
                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                      Report type:full
                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                      Number of analysed new started processes analysed:2
                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                      Technologies:
                                                                                                                                                                      • HCA enabled
                                                                                                                                                                      • EGA enabled
                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                      Sample name:file.exe
                                                                                                                                                                      Detection:MAL
                                                                                                                                                                      Classification:mal100.troj.evad.winEXE@1/0@10/1
                                                                                                                                                                      EGA Information:
                                                                                                                                                                      • Successful, ratio: 100%
                                                                                                                                                                      HCA Information:Failed
                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                      • Found application associated with file extension: .exe
                                                                                                                                                                      • Stop behavior analysis, all processes terminated

                                                                                                                                                                      Warnings

                                                                                                                                                                      • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                                                                      • Excluded domains from analysis (whitelisted): client.wns.windows.com, otelrules.azureedge.net
                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                      • VT rate limit hit for: file.exe

                                                                                                                                                                      Simulations

                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                      15:52:10API Interceptor4x Sleep call for process: file.exe modified

                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                      IPs

                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                      104.102.49.254http://gtm-cn-j4g3qqvf603.steamproxy1.com/Get hashmaliciousUnknownBrowse
                                                                                                                                                                      • www.valvesoftware.com/legal.htm

                                                                                                                                                                      Domains

                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                      steamcommunity.comfile.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      ldr_clp.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      Instruction_1928.pdf.lnk.download.lnkGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      ldr_clp.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 104.102.49.254

                                                                                                                                                                      ASNs

                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                      AKAMAI-ASUShttp://www.wattpad.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 23.38.98.201
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      Fanduel CO Player Location Check F.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 184.28.90.27
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      [EXT] [ #ENCRYPT ] WSRB 401k, Trustee to Trustee Transfer form.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 184.28.90.27
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254

                                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                      a0e9f5d64349fb13191bc781f81f42e11.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      Setup.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      SecuriteInfo.com.Win32.DropperX-gen.11055.6641.exeGet hashmaliciousBlackMoonBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      SecuriteInfo.com.Win32.DropperX-gen.11055.6641.exeGet hashmaliciousBlackMoonBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                      • 104.102.49.254

                                                                                                                                                                      Dropped Files

                                                                                                                                                                      No context

                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                      No created / dropped files found

                                                                                                                                                                      Static File Info

                                                                                                                                                                      General

                                                                                                                                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                      Entropy (8bit):6.5036270157381795
                                                                                                                                                                      TrID:
                                                                                                                                                                      • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                      • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                      File name:file.exe
                                                                                                                                                                      File size:2'974'720 bytes
                                                                                                                                                                      MD5:c2fd4f13dbcbcdca3d4c63a41bb3d9ba
                                                                                                                                                                      SHA1:7bf2a8be1c62b7f00da60c08a3907246b2852283
                                                                                                                                                                      SHA256:1a762c8643e53ce22340047e05f9a171546669523a2e1166a8dc5cf59d626575
                                                                                                                                                                      SHA512:4d050b975209f5e33bd72ebe884a039bc3db0e34f6f60155112128dcf896518fe72f56a7745b08d928828bc7309a761560edbcd38f2c8634e79967c367e46c23
                                                                                                                                                                      SSDEEP:49152:vU/KqI1v4n+9INvofWSG3OdBhECpWYbxWxcC19i2mhFE:uIp6lvofWSq1CTb4vqh6
                                                                                                                                                                      TLSH:A8D53BE2740A72CFD08B1274A527DD5ABA6D87B9472149E3E82C74BBFD63CC111B9C24
                                                                                                                                                                      File Content Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L...J..f..............................0...........@...........................1.....D.-...@.................................W...k..

                                                                                                                                                                      File Icon

                                                                                                                                                                      Icon Hash:00928e8e8686b000

                                                                                                                                                                      Static PE Info

                                                                                                                                                                      General

                                                                                                                                                                      Entrypoint:0x70e000
                                                                                                                                                                      Entrypoint Section:.taggant
                                                                                                                                                                      Digitally signed:false
                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                      Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                      DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                      Time Stamp:0x66FFF14A [Fri Oct 4 13:44:42 2024 UTC]
                                                                                                                                                                      TLS Callbacks:
                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                      OS Version Major:6
                                                                                                                                                                      OS Version Minor:0
                                                                                                                                                                      File Version Major:6
                                                                                                                                                                      File Version Minor:0
                                                                                                                                                                      Subsystem Version Major:6
                                                                                                                                                                      Subsystem Version Minor:0
                                                                                                                                                                      Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                      Entrypoint Preview

                                                                                                                                                                      Instruction
                                                                                                                                                                      jmp 00007FE4ECD0EABAh
                                                                                                                                                                      cmovb ebp, dword ptr [00000000h]
                                                                                                                                                                      add cl, ch
                                                                                                                                                                      add byte ptr [eax], ah
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [esi], al
                                                                                                                                                                      or al, byte ptr [eax]
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], dh
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [edx], cl
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [esi], al
                                                                                                                                                                      or al, byte ptr [eax]
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [esi], al
                                                                                                                                                                      add byte ptr [eax], 00000000h
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      adc byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add ecx, dword ptr [edx]
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                      add byte ptr [eax], al

                                                                                                                                                                      Data Directories

                                                                                                                                                                      NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0x5f0570x6b.idata
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x5f1f80x8.idata
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                      Sections

                                                                                                                                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                      0x10000x5d0000x25e00ed1545e9b8db56f5f4891d152c4a5f0aFalse0.9995423370462047data7.980557470764062IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                      .rsrc 0x5e0000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                      .idata 0x5f0000x10000x200fe72def8b74193a84232a780098a7ce0False0.150390625data1.04205214219471IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                      wovnjubk0x600000x2ad0000x2ace00c8ba2b6aea7f521361b5e8f520ebc417unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                      yaqwutur0x30d0000x10000x400e50504822262e5826f426683cc94195eFalse0.693359375data5.597334070076034IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                      .taggant0x30e0000x30000x2200e684e9547866298784fe0055efbd2915False0.0627297794117647DOS executable (COM)0.6592502449219162IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                      Imports

                                                                                                                                                                      DLLImport
                                                                                                                                                                      kernel32.dlllstrcpy

                                                                                                                                                                      Network Behavior

                                                                                                                                                                      Suricata IDS Alerts

                                                                                                                                                                      TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                      2024-10-25T21:52:11.821142+02002056471ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (clearancek .site)1192.168.2.6571511.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:11.888920+02002056485ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (mobbipenju .store)1192.168.2.6636491.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:11.910630+02002056483ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (eaglepawnoy .store)1192.168.2.6552701.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:11.993335+02002056481ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (dissapoiznw .store)1192.168.2.6545971.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:12.010457+02002056479ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (studennotediw .store)1192.168.2.6527671.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:12.025566+02002056477ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (bathdoomgaz .store)1192.168.2.6545091.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:12.038171+02002056475ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (spirittunek .store)1192.168.2.6642061.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:12.055107+02002056473ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (licendfilteo .site)1192.168.2.6650251.1.1.153UDP
                                                                                                                                                                      2024-10-25T21:52:13.666681+02002858666ETPRO MALWARE Win32/Lumma Stealer Steam Profile Lookup1192.168.2.649719104.102.49.254443TCP

                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                      TCP Packets

                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                      Oct 25, 2024 21:52:12.083950996 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:12.083983898 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.084081888 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:12.139904976 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:12.139925957 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.990523100 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.990636110 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:12.992413998 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:12.992420912 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.992685080 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.036283970 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.084894896 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.127338886 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.666752100 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.666790009 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.666831970 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.666858912 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.666892052 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.667121887 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.667207956 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.667273045 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.667311907 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.681969881 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.682018042 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.682065964 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.682084084 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.682101011 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.682131052 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.695549965 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.695645094 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.695666075 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.695682049 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.695710897 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.695766926 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.715545893 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.715560913 CEST44349719104.102.49.254192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.715601921 CEST49719443192.168.2.6104.102.49.254
                                                                                                                                                                      Oct 25, 2024 21:52:13.715609074 CEST44349719104.102.49.254192.168.2.6

                                                                                                                                                                      UDP Packets

                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                      Oct 25, 2024 21:52:11.821141958 CEST5715153192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:11.833626986 CEST53571511.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:11.888920069 CEST6364953192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:11.901309013 CEST53636491.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:11.910629988 CEST5527053192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:11.921093941 CEST53552701.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:11.993335009 CEST5459753192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.003000975 CEST53545971.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.010457039 CEST5276753192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.024178982 CEST53527671.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.025566101 CEST5450953192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.034694910 CEST53545091.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.038171053 CEST6420653192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.052886963 CEST53642061.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.055107117 CEST6502553192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.065769911 CEST53650251.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:12.070177078 CEST5013953192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:12.077997923 CEST53501391.1.1.1192.168.2.6
                                                                                                                                                                      Oct 25, 2024 21:52:13.733191967 CEST5875753192.168.2.61.1.1.1
                                                                                                                                                                      Oct 25, 2024 21:52:13.744096041 CEST53587571.1.1.1192.168.2.6

                                                                                                                                                                      DNS Queries

                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                      Oct 25, 2024 21:52:11.821141958 CEST192.168.2.61.1.1.10x1a8bStandard query (0)clearancek.siteA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:11.888920069 CEST192.168.2.61.1.1.10x58bcStandard query (0)mobbipenju.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:11.910629988 CEST192.168.2.61.1.1.10x4baStandard query (0)eaglepawnoy.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:11.993335009 CEST192.168.2.61.1.1.10xf88bStandard query (0)dissapoiznw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.010457039 CEST192.168.2.61.1.1.10x2ff4Standard query (0)studennotediw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.025566101 CEST192.168.2.61.1.1.10x7dbStandard query (0)bathdoomgaz.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.038171053 CEST192.168.2.61.1.1.10xeb8aStandard query (0)spirittunek.storeA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.055107117 CEST192.168.2.61.1.1.10x88a0Standard query (0)licendfilteo.siteA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.070177078 CEST192.168.2.61.1.1.10x7459Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:13.733191967 CEST192.168.2.61.1.1.10x9762Standard query (0)sergei-esenin.comA (IP address)IN (0x0001)false

                                                                                                                                                                      DNS Answers

                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                      Oct 25, 2024 21:52:11.833626986 CEST1.1.1.1192.168.2.60x1a8bName error (3)clearancek.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:11.901309013 CEST1.1.1.1192.168.2.60x58bcName error (3)mobbipenju.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:11.921093941 CEST1.1.1.1192.168.2.60x4baName error (3)eaglepawnoy.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.003000975 CEST1.1.1.1192.168.2.60xf88bName error (3)dissapoiznw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.024178982 CEST1.1.1.1192.168.2.60x2ff4Name error (3)studennotediw.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.034694910 CEST1.1.1.1192.168.2.60x7dbName error (3)bathdoomgaz.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.052886963 CEST1.1.1.1192.168.2.60xeb8aName error (3)spirittunek.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.065769911 CEST1.1.1.1192.168.2.60x88a0Name error (3)licendfilteo.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:12.077997923 CEST1.1.1.1192.168.2.60x7459No error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                      Oct 25, 2024 21:52:13.744096041 CEST1.1.1.1192.168.2.60x9762Name error (3)sergei-esenin.comnonenoneA (IP address)IN (0x0001)false

                                                                                                                                                                      HTTP Request Dependency Graph

                                                                                                                                                                      • steamcommunity.com

                                                                                                                                                                      HTTPS Proxied Packets

                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                      0192.168.2.649719104.102.49.2544433040C:\Users\user\Desktop\file.exe
                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                      2024-10-25 19:52:13 UTC219OUTGET /profiles/76561199724331900 HTTP/1.1
                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                      Host: steamcommunity.com
                                                                                                                                                                      2024-10-25 19:52:13 UTC1917INHTTP/1.1 200 OK
                                                                                                                                                                      Server: nginx
                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                      Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https:// [TRUNCATED]
                                                                                                                                                                      Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                      Date: Fri, 25 Oct 2024 19:52:13 GMT
                                                                                                                                                                      Content-Length: 35741
                                                                                                                                                                      Connection: close
                                                                                                                                                                      Set-Cookie: sessionid=24617773c397a043c9b1ebce; Path=/; Secure; SameSite=None
                                                                                                                                                                      Set-Cookie: steamCountry=US%7C42cb6563c5fec8103907e3e99aebe27b; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                      2024-10-25 19:52:13 UTC14467INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                      Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                      2024-10-25 19:52:13 UTC16384INData Raw: 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 64 69 73 63 75 73 73 69 6f 6e 73 2f 22 3e 0d 0a 09 09 09 09 09 09 44 69 73 63 75 73 73 69 6f 6e 73 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74 65 6d 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 77 6f 72 6b 73 68 6f 70 2f 22 3e 0d 0a 09 09 09 09 09 09 57 6f 72 6b 73 68 6f 70 09 09 09 09 09 09 09 09 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 73 75 62 6d 65 6e 75 69 74
                                                                                                                                                                      Data Ascii: <a class="submenuitem" href="https://steamcommunity.com/discussions/">Discussions</a><a class="submenuitem" href="https://steamcommunity.com/workshop/">Workshop</a><a class="submenuit
                                                                                                                                                                      2024-10-25 19:52:13 UTC3768INData Raw: 63 31 63 64 66 65 62 5f 66 75 6c 6c 2e 6a 70 67 22 3e 0d 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 0d 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 68 65 61 64 65 72 5f 62 61 64 67 65 69 6e 66 6f 22 3e 0d 0a 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 68 65 61 64 65 72 5f 62 61 64 67 65 69 6e 66 6f 5f 62 61 64 67 65 5f 61 72 65 61 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 70 65
                                                                                                                                                                      Data Ascii: c1cdfeb_full.jpg"></div></div><div class="profile_header_badgeinfo"><div class="profile_header_badgeinfo_badge_area"><a data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="pe
                                                                                                                                                                      2024-10-25 19:52:13 UTC1122INData Raw: 70 72 6f 70 65 72 74 79 20 6f 66 20 74 68 65 69 72 20 72 65 73 70 65 63 74 69 76 65 20 6f 77 6e 65 72 73 20 69 6e 20 74 68 65 20 55 53 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 75 6e 74 72 69 65 73 2e 3c 62 72 2f 3e 53 6f 6d 65 20 67 65 6f 73 70 61 74 69 61 6c 20 64 61 74 61 20 6f 6e 20 74 68 69 73 20 77 65 62 73 69 74 65 20 69 73 20 70 72 6f 76 69 64 65 64 20 62 79 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 73 74 65 61 6d 63 6f 6d 6d 75 6e 69 74 79 2e 63 6f 6d 2f 6c 69 6e 6b 66 69 6c 74 65 72 2f 3f 75 3d 68 74 74 70 25 33 41 25 32 46 25 32 46 77 77 77 2e 67 65 6f 6e 61 6d 65 73 2e 6f 72 67 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 20 72 65 6c 3d 22 20 6e 6f 6f 70 65 6e 65 72 22 3e 67 65 6f 6e 61 6d 65 73 2e 6f 72 67 3c 2f 61 3e 2e 09 09
                                                                                                                                                                      Data Ascii: property of their respective owners in the US and other countries.<br/>Some geospatial data on this website is provided by <a href="https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org" target="_blank" rel=" noopener">geonames.org</a>.


                                                                                                                                                                      Statistics

                                                                                                                                                                      CPU Usage

                                                                                                                                                                      Click to jump to process

                                                                                                                                                                      Memory Usage

                                                                                                                                                                      Click to jump to process

                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                      System Behavior

                                                                                                                                                                      General

                                                                                                                                                                      Target ID:1
                                                                                                                                                                      Start time:15:52:08
                                                                                                                                                                      Start date:25/10/2024
                                                                                                                                                                      Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                      Imagebase:0xdc0000
                                                                                                                                                                      File size:2'974'720 bytes
                                                                                                                                                                      MD5 hash:C2FD4F13DBCBCDCA3D4C63A41BB3D9BA
                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                      Reputation:low
                                                                                                                                                                      Has exited:true

                                                                                                                                                                      Disassembly

                                                                                                                                                                      Reset < >

                                                                                                                                                                        Execution Graph

                                                                                                                                                                        Execution Coverage:0.8%
                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                        Signature Coverage:73%
                                                                                                                                                                        Total number of Nodes:37
                                                                                                                                                                        Total number of Limit Nodes:3
                                                                                                                                                                        execution_graph 20403 e099d0 20404 e099f5 20403->20404 20406 e09a5f 20404->20406 20409 e05bb0 LdrInitializeThunk 20404->20409 20405 e09b0e 20406->20405 20410 e05bb0 LdrInitializeThunk 20406->20410 20409->20406 20410->20405 20374 e03202 RtlAllocateHeap 20411 dfd9cb 20413 dfd9fb 20411->20413 20412 dfda65 20413->20412 20415 e05bb0 LdrInitializeThunk 20413->20415 20415->20413 20375 dd049b 20379 dd0227 20375->20379 20376 dd0455 20382 e05700 RtlFreeHeap 20376->20382 20379->20376 20380 dd0308 20379->20380 20381 e05700 RtlFreeHeap 20379->20381 20381->20376 20382->20380 20416 e064b8 20417 e063f2 20416->20417 20418 e0646e 20417->20418 20420 e05bb0 LdrInitializeThunk 20417->20420 20420->20418 20383 dcedb5 20386 dcedd0 20383->20386 20387 dcfca0 20386->20387 20390 dcfcdc 20387->20390 20388 dcef70 20390->20388 20391 e03220 20390->20391 20392 e032a2 RtlFreeHeap 20391->20392 20393 e032ac 20391->20393 20394 e03236 20391->20394 20392->20393 20393->20388 20394->20392 20421 e0695b 20422 e06965 20421->20422 20422->20422 20423 e06a5e 20422->20423 20425 e05bb0 LdrInitializeThunk 20422->20425 20425->20423 20395 dcd110 20396 dcd119 20395->20396 20397 dcd2ee ExitProcess 20396->20397

                                                                                                                                                                        Executed Functions

                                                                                                                                                                        Function 00DCFCA0 Relevance: 5.4, Strings: 4, Instructions: 373COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 25 dcfca0-dcfcda 26 dcfcdc-dcfcdf 25->26 27 dcfd0b-dcfe22 25->27 30 dcfce0-dcfd09 call dd2690 26->30 28 dcfe5b-dcfe8c 27->28 29 dcfe24 27->29 32 dcfe8e-dcfe8f 28->32 33 dcfeb6-dcfecf call dd0b50 28->33 31 dcfe30-dcfe59 call dd2760 29->31 30->27 31->28 37 dcfe90-dcfeb4 call dd2700 32->37 43 dcffe4-dcffe6 33->43 44 dcfed5-dcfef8 33->44 37->33 45 dd01b1-dd01bb 43->45 46 dcfefa 44->46 47 dcff2b-dcff2d 44->47 48 dcff00-dcff29 call dd27e0 46->48 49 dcff30-dcff3a 47->49 48->47 51 dcff3c-dcff3f 49->51 52 dcff41-dcff49 49->52 51->49 51->52 54 dcff4f-dcff76 52->54 55 dd01a2-dd01a5 call e03220 52->55 56 dcff78 54->56 57 dcffab-dcffb5 54->57 59 dd01aa-dd01ad 55->59 60 dcff80-dcffa9 call dd2840 56->60 61 dcffeb 57->61 62 dcffb7-dcffbb 57->62 59->45 60->57 63 dcffed-dcffef 61->63 65 dcffc7-dcffcb 62->65 66 dd019a 63->66 68 dcfff5-dd002c 63->68 65->66 67 dcffd1-dcffd8 65->67 66->55 70 dcffde 67->70 71 dcffda-dcffdc 67->71 72 dd002e-dd002f 68->72 73 dd005b-dd0065 68->73 74 dcffc0-dcffc5 70->74 75 dcffe0-dcffe2 70->75 71->70 76 dd0030-dd0059 call dd28a0 72->76 77 dd00a4 73->77 78 dd0067-dd006f 73->78 74->63 74->65 75->74 76->73 79 dd00a6-dd00a8 77->79 81 dd0087-dd008b 78->81 79->66 83 dd00ae-dd00c5 79->83 81->66 82 dd0091-dd0098 81->82 85 dd009e 82->85 86 dd009a-dd009c 82->86 87 dd00fb-dd0102 83->87 88 dd00c7 83->88 89 dd0080-dd0085 85->89 90 dd00a0-dd00a2 85->90 86->85 92 dd0104-dd010d 87->92 93 dd0130-dd013c 87->93 91 dd00d0-dd00f9 call dd2900 88->91 89->79 89->81 90->89 91->87 96 dd0117-dd011b 92->96 94 dd01c2-dd01c7 93->94 94->55 96->66 98 dd011d-dd0124 96->98 99 dd012a 98->99 100 dd0126-dd0128 98->100 101 dd012c-dd012e 99->101 102 dd0110-dd0115 99->102 100->99 101->102 102->96 103 dd0141-dd0143 102->103 103->66 104 dd0145-dd015b 103->104 104->94 105 dd015d-dd015f 104->105 106 dd0163-dd0166 105->106 107 dd01bc 106->107 108 dd0168-dd0188 call dd2030 106->108 107->94 111 dd018a-dd0190 108->111 112 dd0192-dd0198 108->112 111->106 111->112 112->94
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: J|BJ$V$VY^_$t
                                                                                                                                                                        • API String ID: 0-3701112211
                                                                                                                                                                        • Opcode ID: d9568cd749b85eb5a690d71076ea988500313ff5c51676fe63225c34d9213a2b
                                                                                                                                                                        • Instruction ID: c9fa163baf2103517bc4372b6b5ac8cdd385516f19d1ad318a8332e1b519af97
                                                                                                                                                                        • Opcode Fuzzy Hash: d9568cd749b85eb5a690d71076ea988500313ff5c51676fe63225c34d9213a2b
                                                                                                                                                                        • Instruction Fuzzy Hash: 6CD155745083819BD321DF189490B6FBFE2EB96B44F18881DF4C99B352C336C949DBA2
                                                                                                                                                                        Function 00DCD110 Relevance: 1.7, APIs: 1, Instructions: 168COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 149 dcd110-dcd11b call e04cc0 152 dcd2ee-dcd2f6 ExitProcess 149->152 153 dcd121-dcd130 call dfc8d0 149->153 157 dcd2e9 call e056e0 153->157 158 dcd136-dcd15f 153->158 157->152 162 dcd196-dcd1bf 158->162 163 dcd161 158->163 164 dcd1f6-dcd20c 162->164 165 dcd1c1 162->165 166 dcd170-dcd194 call dcd300 163->166 168 dcd20e-dcd20f 164->168 169 dcd239-dcd23b 164->169 167 dcd1d0-dcd1f4 call dcd370 165->167 166->162 167->164 172 dcd210-dcd237 call dcd3e0 168->172 173 dcd23d-dcd25a 169->173 174 dcd286-dcd2aa 169->174 172->169 173->174 180 dcd25c-dcd25f 173->180 176 dcd2ac-dcd2af 174->176 177 dcd2d6 call dce8f0 174->177 181 dcd2b0-dcd2d4 call dcd490 176->181 186 dcd2db-dcd2dd 177->186 184 dcd260-dcd284 call dcd440 180->184 181->177 184->174 186->157 189 dcd2df-dcd2e4 call dd2f10 call dd0b40 186->189 189->157
                                                                                                                                                                        APIs
                                                                                                                                                                        • ExitProcess.KERNEL32(00000000), ref: 00DCD2F1
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: ExitProcess
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 621844428-0
                                                                                                                                                                        • Opcode ID: 41b6bc7d15046f71f8030e2ceb2ee2659a8be2cb57eafa4bb9c9e2a15ad33d71
                                                                                                                                                                        • Instruction ID: 9d4d0b424671e596d59bc10ce9794beab8d9844ec431b348548264034dd6273f
                                                                                                                                                                        • Opcode Fuzzy Hash: 41b6bc7d15046f71f8030e2ceb2ee2659a8be2cb57eafa4bb9c9e2a15ad33d71
                                                                                                                                                                        • Instruction Fuzzy Hash: EE41037440D381ABD201AB68D985E2EFBF6EF52745F188C2CE5C497252C33AD8149B6B
                                                                                                                                                                        Function 00E05BB0 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 204 e05bb0-e05be2 LdrInitializeThunk
                                                                                                                                                                        APIs
                                                                                                                                                                        • LdrInitializeThunk.NTDLL(00E0973D,005C003F,00000006,?,?,00000018,8C8D8A8B,?,?), ref: 00E05BDE
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 2994545307-0
                                                                                                                                                                        • Opcode ID: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
                                                                                                                                                                        • Instruction ID: fb6f357373f259be8b0e83fffc5d2a3912a28e0da7d2036ce94b71e982b3a7e9
                                                                                                                                                                        • Opcode Fuzzy Hash: b66ff63dfd389af1bc8afcc0025f999e8b2b47508af02e865142dda64173a8e3
                                                                                                                                                                        • Instruction Fuzzy Hash: 76E0FE75908316AB9A09CF45C14444EFBE5BFC4714F11CC8DA4D867210D3B0AD46DF82
                                                                                                                                                                        Function 00E0695B Relevance: 1.4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 233 e0695b-e0696b call e04a20 236 e06981-e06a02 233->236 237 e0696d 233->237 239 e06a04 236->239 240 e06a36-e06a42 236->240 238 e06970-e0697f 237->238 238->236 238->238 241 e06a10-e06a34 call e073e0 239->241 242 e06a44-e06a4f 240->242 243 e06a85-e06a9f 240->243 241->240 245 e06a50-e06a57 242->245 247 e06a60-e06a66 245->247 248 e06a59-e06a5c 245->248 247->243 250 e06a68-e06a7d call e05bb0 247->250 248->245 249 e06a5e 248->249 249->243 252 e06a82 250->252 252->243
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: @
                                                                                                                                                                        • API String ID: 0-2766056989
                                                                                                                                                                        • Opcode ID: 9b611e0e6a440759f01d84aa452e98367576e47a520fd4568d11024439900cac
                                                                                                                                                                        • Instruction ID: 69e5c9f03eff4daadff05b559c3a7a66f4d8be8620c2aee05ae1e50d7967a7ab
                                                                                                                                                                        • Opcode Fuzzy Hash: 9b611e0e6a440759f01d84aa452e98367576e47a520fd4568d11024439900cac
                                                                                                                                                                        • Instruction Fuzzy Hash: D531ADB1A083019FD718EF15C89072BB7F1FF94348F44A81CE5C6A72A1E3749994CB56
                                                                                                                                                                        Function 00DD049B Relevance: .3, Instructions: 264COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 253 dd049b-dd0515 call dcc9f0 257 dd051c-dd051e 253->257 258 dd035f-dd0367 253->258 259 dd03be 253->259 260 dd03de-dd03e3 253->260 261 dd0339-dd034f 253->261 262 dd045b-dd0469 call e05700 253->262 263 dd03fb-dd0414 253->263 264 dd0417-dd0430 253->264 265 dd0356 253->265 266 dd0311-dd0332 253->266 267 dd0370-dd037e 253->267 268 dd03d0-dd03d7 253->268 269 dd0393-dd0397 253->269 270 dd0472-dd0477 253->270 271 dd03ec-dd03f4 253->271 272 dd0308-dd030c 253->272 273 dd0227-dd023b 253->273 274 dd0246-dd0260 253->274 275 dd0386-dd038c 253->275 276 dd0440-dd0458 call e05700 253->276 277 dd0480 253->277 278 dd0242-dd0244 253->278 279 dd0482-dd0484 253->279 286 dd0520 257->286 258->267 259->268 260->271 261->258 261->259 261->260 261->262 261->263 261->264 261->265 261->267 261->268 261->269 261->270 261->271 261->275 261->276 261->277 261->279 262->270 263->264 264->276 265->258 266->258 266->259 266->260 266->261 266->262 266->263 266->264 266->265 266->267 266->268 266->269 266->270 266->271 266->275 266->276 266->277 266->279 267->275 268->260 268->263 268->264 268->269 268->270 268->271 268->275 268->277 268->279 291 dd03a0-dd03b7 269->291 270->277 271->263 271->269 271->270 271->277 271->279 281 dd048d-dd0496 272->281 273->258 273->259 273->260 273->261 273->262 273->263 273->264 273->265 273->266 273->267 273->268 273->269 273->270 273->271 273->272 273->274 273->275 273->276 273->277 273->278 273->279 284 dd0294 274->284 285 dd0262 274->285 275->269 275->270 275->277 275->279 276->262 283 dd0296-dd02bd 278->283 279->281 281->286 293 dd02bf 283->293 294 dd02ea-dd0301 283->294 284->283 292 dd0270-dd0292 call dd2eb0 285->292 298 dd0529-dd0b30 286->298 291->259 291->260 291->262 291->263 291->264 291->268 291->269 291->270 291->271 291->275 291->276 291->277 291->279 292->284 300 dd02c0-dd02e8 call dd2e70 293->300 294->258 294->259 294->260 294->261 294->262 294->263 294->264 294->265 294->266 294->267 294->268 294->269 294->270 294->271 294->272 294->275 294->276 294->277 294->279 300->294
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 75479f95632a160477e7bdaac8152d061c5f52e2a5b21511abb2c554676d37e8
                                                                                                                                                                        • Instruction ID: 760399eb4addaf4a68f6641fbb6ef792d1ee3269059d57d9d831b020ed9484ed
                                                                                                                                                                        • Opcode Fuzzy Hash: 75479f95632a160477e7bdaac8152d061c5f52e2a5b21511abb2c554676d37e8
                                                                                                                                                                        • Instruction Fuzzy Hash: EE916A75200700CFD724CF26E894B16B7F6FF89310F158A6DE8969BAA1D731E859CB60
                                                                                                                                                                        Function 00DD0228 Relevance: .2, Instructions: 218COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 307 dd0228-dd023b 308 dd035f-dd0367 307->308 309 dd03be 307->309 310 dd03de-dd03e3 307->310 311 dd0339-dd034f 307->311 312 dd045b-dd0469 call e05700 307->312 313 dd03fb-dd0414 307->313 314 dd0417-dd0430 307->314 315 dd0356 307->315 316 dd0311-dd0332 307->316 317 dd0370-dd037e 307->317 318 dd03d0-dd03d7 307->318 319 dd0393-dd0397 307->319 320 dd0472-dd0477 307->320 321 dd03ec-dd03f4 307->321 322 dd0308-dd030c 307->322 323 dd0246-dd0260 307->323 324 dd0386-dd038c 307->324 325 dd0440-dd0458 call e05700 307->325 326 dd0480 307->326 327 dd0242-dd0244 307->327 328 dd0482-dd0484 307->328 308->317 309->318 310->321 311->308 311->309 311->310 311->312 311->313 311->314 311->315 311->317 311->318 311->319 311->320 311->321 311->324 311->325 311->326 311->328 312->320 313->314 314->325 315->308 316->308 316->309 316->310 316->311 316->312 316->313 316->314 316->315 316->317 316->318 316->319 316->320 316->321 316->324 316->325 316->326 316->328 317->324 318->310 318->313 318->314 318->319 318->320 318->321 318->324 318->326 318->328 339 dd03a0-dd03b7 319->339 320->326 321->313 321->319 321->320 321->326 321->328 330 dd048d-dd0496 322->330 333 dd0294 323->333 334 dd0262 323->334 324->319 324->320 324->326 324->328 325->312 332 dd0296-dd02bd 327->332 328->330 349 dd0520 330->349 341 dd02bf 332->341 342 dd02ea-dd0301 332->342 333->332 340 dd0270-dd0292 call dd2eb0 334->340 339->309 339->310 339->312 339->313 339->314 339->318 339->319 339->320 339->321 339->324 339->325 339->326 339->328 340->333 347 dd02c0-dd02e8 call dd2e70 341->347 342->308 342->309 342->310 342->311 342->312 342->313 342->314 342->315 342->316 342->317 342->318 342->319 342->320 342->321 342->322 342->324 342->325 342->326 342->328 347->342 353 dd0529-dd0b30 349->353
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 61438d7ab8c9835914fde4d458942ba50ed1262218e491cf24de3e652ee581b7
                                                                                                                                                                        • Instruction ID: 7917c5918d8508af9445223a3230244fc3069f7635afe06642e4166afe4a26d1
                                                                                                                                                                        • Opcode Fuzzy Hash: 61438d7ab8c9835914fde4d458942ba50ed1262218e491cf24de3e652ee581b7
                                                                                                                                                                        • Instruction Fuzzy Hash: 3A715C75200701DFD724CF22E894B16BBF6FF89314F148969E89697AA2C731E859CB60
                                                                                                                                                                        Function 00E099D0 Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 356 e099d0-e099f3 357 e099f5 356->357 358 e09a2b-e09a3b 356->358 359 e09a00-e09a29 call e0ae40 357->359 360 e09a8c-e09a95 358->360 361 e09a3d-e09a4f 358->361 359->358 362 e09b36-e09b38 360->362 363 e09a9b-e09ab5 360->363 365 e09a50-e09a58 361->365 366 e09b49-e09b50 362->366 367 e09b3a-e09b41 362->367 368 e09ae6-e09af2 363->368 369 e09ab7 363->369 371 e09a61-e09a67 365->371 372 e09a5a-e09a5d 365->372 373 e09b43 367->373 374 e09b47 367->374 376 e09af4-e09aff 368->376 377 e09b2e-e09b30 368->377 375 e09ac0-e09ae4 call e0ae40 369->375 371->360 379 e09a69-e09a84 call e05bb0 371->379 372->365 378 e09a5f 372->378 373->374 374->366 375->368 382 e09b00-e09b07 376->382 377->362 380 e09b32 377->380 378->360 387 e09a89 379->387 380->362 385 e09b10-e09b16 382->385 386 e09b09-e09b0c 382->386 385->377 389 e09b18-e09b2b call e05bb0 385->389 386->382 388 e09b0e 386->388 387->360 388->377 389->377
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: f37ecfd4678150404dd3a0fbd604cd45e983c279e03d3076e310c58b826e8a4e
                                                                                                                                                                        • Instruction ID: cd2a7bbca043848a4d0c3bab39d1f6f1bb97f37c4d8dbe43ee897763c0736330
                                                                                                                                                                        • Opcode Fuzzy Hash: f37ecfd4678150404dd3a0fbd604cd45e983c279e03d3076e310c58b826e8a4e
                                                                                                                                                                        • Instruction Fuzzy Hash: F041AF35208300AFD7149E15D891B2BB7F6EB85724F14A82CE5C9A72D3D335E881CF66
                                                                                                                                                                        Function 00E063B8 Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 2994545307-0
                                                                                                                                                                        • Opcode ID: ce3edbf5943bb2a2ded39205bb6f625ac465e0307bb02784e6e3bd9db3ca7d9e
                                                                                                                                                                        • Instruction ID: 0c5579ab723510f1531300d197334574621bf3ff4754dfa23d4f31ceabfc78cc
                                                                                                                                                                        • Opcode Fuzzy Hash: ce3edbf5943bb2a2ded39205bb6f625ac465e0307bb02784e6e3bd9db3ca7d9e
                                                                                                                                                                        • Instruction Fuzzy Hash: C431E370609301BED624DB04CD82F2BB7A2FBC0B14F64A908F1917A2D1D3B0A8A08B52
                                                                                                                                                                        Function 00DD0EEC Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: fc32c811787c168b784adfe4735afd958e23a7ff42e0dcf38e7738205677bb7d
                                                                                                                                                                        • Instruction ID: 65529d002218870ba4d7fe7734db2f1fef03233ca364480bbce5b2ded813532e
                                                                                                                                                                        • Opcode Fuzzy Hash: fc32c811787c168b784adfe4735afd958e23a7ff42e0dcf38e7738205677bb7d
                                                                                                                                                                        • Instruction Fuzzy Hash: E6211AB490022A9FDB15CFA4CC90BBEBBB5FF4A304F244859E511BB392C735A915CB64
                                                                                                                                                                        Function 00E03220 Relevance: 1.6, APIs: 1, Instructions: 59memoryCOMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 194 e03220-e0322f 195 e032a0 194->195 196 e032a2-e032a6 RtlFreeHeap 194->196 197 e03236-e03252 194->197 198 e032ac-e032b0 194->198 195->196 196->198 199 e03254 197->199 200 e03286-e03296 197->200 201 e03260-e03284 call e05af0 199->201 200->195 201->200
                                                                                                                                                                        APIs
                                                                                                                                                                        • RtlFreeHeap.NTDLL(?,00000000), ref: 00E032A6
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: FreeHeap
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 3298025750-0
                                                                                                                                                                        • Opcode ID: 5e995892bf066a9323e9bd412ed46fe3d4000eef060d05d2f447a6a776522096
                                                                                                                                                                        • Instruction ID: b63aab234b5fb8646ff0a017d30b33a756be9eb24ee60012579d3a26e948c717
                                                                                                                                                                        • Opcode Fuzzy Hash: 5e995892bf066a9323e9bd412ed46fe3d4000eef060d05d2f447a6a776522096
                                                                                                                                                                        • Instruction Fuzzy Hash: 14016D3450D2409FC701EF68E845A1ABBF8EF4A700F05891CE5C5AB361D335DD64CB96
                                                                                                                                                                        Function 00E03202 Relevance: 1.5, APIs: 1, Instructions: 6memoryCOMMON
                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                        • Executed
                                                                                                                                                                        • Not Executed
                                                                                                                                                                        control_flow_graph 205 e03202-e03211 RtlAllocateHeap
                                                                                                                                                                        APIs
                                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,00000000), ref: 00E03208
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: AllocateHeap
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 1279760036-0
                                                                                                                                                                        • Opcode ID: 18e4f1d8ea9e53f59bccc05824b2703ac313b43426658a96e3051e6db47caf69
                                                                                                                                                                        • Instruction ID: bec22979a3ee2c3da5f1df683c4770db68ae205cec0e9c9753708dba6c988e9d
                                                                                                                                                                        • Opcode Fuzzy Hash: 18e4f1d8ea9e53f59bccc05824b2703ac313b43426658a96e3051e6db47caf69
                                                                                                                                                                        • Instruction Fuzzy Hash: 6DB012300400006FDA041F00EC0AF003510EB00605F800050A100140F1D1655878C554

                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                        Function 00DF23E0 Relevance: 33.0, APIs: 4, Strings: 13, Instructions: 3298COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($3<$:$Cx$`tii$aenQ$f@~!$fedc$ggxz$mlc@${l`~$|}&C$#v
                                                                                                                                                                        • API String ID: 0-2260822535
                                                                                                                                                                        • Opcode ID: cf92ab93447d2564df151e8e8dc494683250e4f42dab9a070b12d3a3ceeb709c
                                                                                                                                                                        • Instruction ID: cd14adecffdda414b5a96e9fa6b0db7e6d4c5ec085c039e7ba296604d2517200
                                                                                                                                                                        • Opcode Fuzzy Hash: cf92ab93447d2564df151e8e8dc494683250e4f42dab9a070b12d3a3ceeb709c
                                                                                                                                                                        • Instruction Fuzzy Hash: 4733CA70104B818FD7258F39C590B72BBE1BF16304F59899DE5DA8BB92C735E806CBA1
                                                                                                                                                                        Function 00DDDB6F Relevance: 32.0, Strings: 24, Instructions: 2006COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID: %*+($()./$89&'$89>?$:WUE$<=2$<=:;$@ONM$AR$D$DCBA$LKJI$QNOL$T$WP$`Y^_$`onm$dcba$lkji$mjkh$tsrq$tuJK$xgfe$|
                                                                                                                                                                        • API String ID: 2994545307-1418943773
                                                                                                                                                                        • Opcode ID: c5aba3b3aa0f39baac1466de0e7774804092a91c065dc594bcbf5ca1385cd430
                                                                                                                                                                        • Instruction ID: 984366b2c193af3bd7ffbd5c69c14cd916d7517f0e7c9f724e799a7870fb5113
                                                                                                                                                                        • Opcode Fuzzy Hash: c5aba3b3aa0f39baac1466de0e7774804092a91c065dc594bcbf5ca1385cd430
                                                                                                                                                                        • Instruction Fuzzy Hash: 45F278B15083819BD770DF14C884BABBBE6BFD5304F18482EE4C99B391D7719985CBA2
                                                                                                                                                                        Function 00DE9F62 Relevance: 21.7, Strings: 17, Instructions: 473COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %e6g$(a*c$=]$?m,o$CG$Gt$JG$N[$WH$]{$hi$kW$/)$S]$WQ$_Y$sm
                                                                                                                                                                        • API String ID: 0-1131134755
                                                                                                                                                                        • Opcode ID: 5ab116c2b5fb2a69c3e15f5c8e32083be6153cd40eb366747c60572bfa712c45
                                                                                                                                                                        • Instruction ID: d278f53602c2240df3b8d4a9996a4d237be7810064fe843439fe2bed1ab34c93
                                                                                                                                                                        • Opcode Fuzzy Hash: 5ab116c2b5fb2a69c3e15f5c8e32083be6153cd40eb366747c60572bfa712c45
                                                                                                                                                                        • Instruction Fuzzy Hash: AE52B7B444D385CAE270CF26D581B8EBAF1BB92740F609A1DE1ED9B255DB708045CFA3
                                                                                                                                                                        Function 00DE9510 Relevance: 20.4, Strings: 16, Instructions: 427COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: !E4G$,A&C$2A"_$8;$;IJK$?M0K$B7U1$B?Q9$G'M!$G+X5$L3Y=$O+f)$T#a-$X/R)$pq$z=Q?
                                                                                                                                                                        • API String ID: 0-655414846
                                                                                                                                                                        • Opcode ID: 7b1b5e66f2e03757a96e392240ac3bd0f5c556dd7be571fd1a3a0a9cd2e86293
                                                                                                                                                                        • Instruction ID: aa30b354481251edc94596b4b3538735dd964287f47daf8a8f335f2a0ad2451e
                                                                                                                                                                        • Opcode Fuzzy Hash: 7b1b5e66f2e03757a96e392240ac3bd0f5c556dd7be571fd1a3a0a9cd2e86293
                                                                                                                                                                        • Instruction Fuzzy Hash: 22F141B01093819BD310EF16D891A2BBBF4FB8AB44F144D1CF4D99B252D374D909CBA6
                                                                                                                                                                        Function 00DEDD29 Relevance: 14.9, Strings: 11, Instructions: 1142COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($)IgK$,Q?S$-M2O$<Y.[$=]+_$Y9N;$hX]N$n\+H$upH}${E
                                                                                                                                                                        • API String ID: 0-1557708024
                                                                                                                                                                        • Opcode ID: 8ec525e89b579b509843f8ff165c3771650b2d8498eb35823ce405822a2bbd27
                                                                                                                                                                        • Instruction ID: d9d857ecb62096fe368fcc3d7f6e999355a79603b19ebfc1f53e89bc2806da32
                                                                                                                                                                        • Opcode Fuzzy Hash: 8ec525e89b579b509843f8ff165c3771650b2d8498eb35823ce405822a2bbd27
                                                                                                                                                                        • Instruction Fuzzy Hash: E9920471E00245CFDB08CF6AD8817AEBBB2FF49310F298169E555AB391D735AD05CBA0
                                                                                                                                                                        Function 00DE098B Relevance: 10.8, Strings: 8, Instructions: 836COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($&> &$,#15$9.5^$cah`$gce/$qrqp${
                                                                                                                                                                        • API String ID: 0-4102007303
                                                                                                                                                                        • Opcode ID: ba7c0ca7d5e7cb8f12f3c3775f9350b80306b5bc445684bbbef3de1cca7b6e2a
                                                                                                                                                                        • Instruction ID: a1b05b87588e810bd4b249d4e0d75701aa8d526f77272919f08e6f31bf272c03
                                                                                                                                                                        • Opcode Fuzzy Hash: ba7c0ca7d5e7cb8f12f3c3775f9350b80306b5bc445684bbbef3de1cca7b6e2a
                                                                                                                                                                        • Instruction Fuzzy Hash: BC62AAB56083818FD330DF15C891BABBBE1FF96314F08492DE49A8B681D3758985CB63
                                                                                                                                                                        Function 00DC1000 Relevance: 10.5, Strings: 7, Instructions: 1785COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$@$gfff$gfff$gfff
                                                                                                                                                                        • API String ID: 0-2517803157
                                                                                                                                                                        • Opcode ID: f65fc32b6d7c69fabdb1dd891676d1c31efe47200a591a8c54c8f1d91b18ac83
                                                                                                                                                                        • Instruction ID: 8f3235b85b3af30d9fbec2d19b21d16a1ec1852690e2f77ce89ed4ec6587eeda
                                                                                                                                                                        • Opcode Fuzzy Hash: f65fc32b6d7c69fabdb1dd891676d1c31efe47200a591a8c54c8f1d91b18ac83
                                                                                                                                                                        • Instruction Fuzzy Hash: 35D2F3756083528FD718CE28C490B6ABBE2AFD5314F1CCA2DE49987392D734DD45CBA2
                                                                                                                                                                        Function 00F9428F Relevance: 10.5, Strings: 7, Instructions: 1709COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 0R'q$[Oi}$]Ke^$sUw$x:O|$~kS1$S62
                                                                                                                                                                        • API String ID: 0-4051137116
                                                                                                                                                                        • Opcode ID: 16784576e624c89fb0d1c3ee7963c22eaa5eb15a233553fe7d1637f8cacc9360
                                                                                                                                                                        • Instruction ID: 34f8d21bf2b646eb44eff636022d1ee424ad25dcf9ba9f9a7ee3af9035907eff
                                                                                                                                                                        • Opcode Fuzzy Hash: 16784576e624c89fb0d1c3ee7963c22eaa5eb15a233553fe7d1637f8cacc9360
                                                                                                                                                                        • Instruction Fuzzy Hash: 40B25AF3A0C2049FE304AE2DEC8577AB7E9EF94720F1A463DEAC5C3744E93558058696
                                                                                                                                                                        Function 00F8D620 Relevance: 10.3, Strings: 7, Instructions: 1529COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: &%:h$&M]z$5Gym$E9_$S;w[$Vg/w$hzD
                                                                                                                                                                        • API String ID: 0-3614352690
                                                                                                                                                                        • Opcode ID: 2197388f5f37b3c4412e0007c3fa32787867a4ab160f1df86b7b378d515dceb4
                                                                                                                                                                        • Instruction ID: f0b3259a4ade8d4825833ea959b37a3e23ebb8a2e3ff19bc2b284569f5d57e0b
                                                                                                                                                                        • Opcode Fuzzy Hash: 2197388f5f37b3c4412e0007c3fa32787867a4ab160f1df86b7b378d515dceb4
                                                                                                                                                                        • Instruction Fuzzy Hash: 11B2D1B390C2049FD304AF29EC8567AFBE5EF94720F16893DE6C483744EA3598458B97
                                                                                                                                                                        Function 00F9C99C Relevance: 9.1, Strings: 6, Instructions: 1648COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: Z]$cN~$cN~$dZW$,}o$^B
                                                                                                                                                                        • API String ID: 0-3214560603
                                                                                                                                                                        • Opcode ID: d2bd68f1a2423c45350e5135d66d216ecc103b0e59d2cf1957a7cebe480181e0
                                                                                                                                                                        • Instruction ID: 77bb0de0cd3410dafcc324557c1a5b2c256183b5eb66041dba39c9e942d329c0
                                                                                                                                                                        • Opcode Fuzzy Hash: d2bd68f1a2423c45350e5135d66d216ecc103b0e59d2cf1957a7cebe480181e0
                                                                                                                                                                        • Instruction Fuzzy Hash: 14B219F3A08204AFE304AE2DDC8576AFBE9EF94720F16493DE6C4C7744E63598018796
                                                                                                                                                                        Function 00F8A239 Relevance: 7.9, Strings: 5, Instructions: 1641COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: :@1:$Wy>z$`N{;$jFO$xE?=
                                                                                                                                                                        • API String ID: 0-1430552244
                                                                                                                                                                        • Opcode ID: a8f88c33c98b5e9687ad286f1f02dd157016ee1c3b63985b9d8181900dc877be
                                                                                                                                                                        • Instruction ID: f6447d9e3447df00629a9fd4765e63117e501193c46215b9d95d445cd5f516a6
                                                                                                                                                                        • Opcode Fuzzy Hash: a8f88c33c98b5e9687ad286f1f02dd157016ee1c3b63985b9d8181900dc877be
                                                                                                                                                                        • Instruction Fuzzy Hash: 91B205F360C6049FE304AE2DEC8567AFBE5EF94320F16893DEAC4C7744EA3558058696
                                                                                                                                                                        Function 00FA0048 Relevance: 7.9, Strings: 5, Instructions: 1630COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: y=$B"yz$]B=_$v=w$9S
                                                                                                                                                                        • API String ID: 0-1174411796
                                                                                                                                                                        • Opcode ID: 5032098c8d7291f61134b41294520735c0a758f17ce92b7c678f87fb1eed7f06
                                                                                                                                                                        • Instruction ID: 02638b8684bf546c488f8c06956620cb69abe3dd37e548b4e6521418c14e5c2d
                                                                                                                                                                        • Opcode Fuzzy Hash: 5032098c8d7291f61134b41294520735c0a758f17ce92b7c678f87fb1eed7f06
                                                                                                                                                                        • Instruction Fuzzy Hash: 3EB2F7F360C2049FE704AE2DEC8567ABBE9EF94320F1A493DE6C5C3744E63598058697
                                                                                                                                                                        Function 00F993D9 Relevance: 7.9, Strings: 5, Instructions: 1622COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: !?=7$Eqc$ZR~$h5K$-
                                                                                                                                                                        • API String ID: 0-815493978
                                                                                                                                                                        • Opcode ID: ecdeedec91631f22315d39a8abecfd762e2e5a5712b118face4d986db47684ff
                                                                                                                                                                        • Instruction ID: 058e632de978c37210ff1ef2ab86304a2a11386f59ecd0ea3d750f6735afbe68
                                                                                                                                                                        • Opcode Fuzzy Hash: ecdeedec91631f22315d39a8abecfd762e2e5a5712b118face4d986db47684ff
                                                                                                                                                                        • Instruction Fuzzy Hash: 8BB227F390C2109FE3046E2DEC8567ABBE5EF94720F1A493DEAC4D7744E63598018796
                                                                                                                                                                        Function 00F8F590 Relevance: 7.5, Strings: 5, Instructions: 1273COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: Cj[$\>$B$i@<;$pko$qw}
                                                                                                                                                                        • API String ID: 0-1819597183
                                                                                                                                                                        • Opcode ID: 9d1a0afca75b6fc226cb3f702feb7ca66ca808facfffe7d9c7a1cabb8c864ff6
                                                                                                                                                                        • Instruction ID: f7582e7811556a468294bffe14f93fa1d18d6a366263181d40e26b77c22760de
                                                                                                                                                                        • Opcode Fuzzy Hash: 9d1a0afca75b6fc226cb3f702feb7ca66ca808facfffe7d9c7a1cabb8c864ff6
                                                                                                                                                                        • Instruction Fuzzy Hash: AA8217F36086049FE304AE2DEC8567AFBE5EF94720F1A493DE6C5C3744E63598048693
                                                                                                                                                                        Function 00DC12F7 Relevance: 7.2, Strings: 5, Instructions: 922COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 0$0$0$@$i
                                                                                                                                                                        • API String ID: 0-3124195287
                                                                                                                                                                        • Opcode ID: 5d213a0c8f672246fbffc50cb55552849bdc4e8ff201cd146fcde0314e96bcb3
                                                                                                                                                                        • Instruction ID: 5fc1eff0b69835ca3db0ddb4af880ac771ac35d9a3e7b80b22b8eca258de9e38
                                                                                                                                                                        • Opcode Fuzzy Hash: 5d213a0c8f672246fbffc50cb55552849bdc4e8ff201cd146fcde0314e96bcb3
                                                                                                                                                                        • Instruction Fuzzy Hash: 2862D47160C3928FC319CF28C490B6ABBE1AFD5304F188A2DE8D987391D774D949CB62
                                                                                                                                                                        Function 00DC164F Relevance: 6.7, Strings: 5, Instructions: 472COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: +$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff
                                                                                                                                                                        • API String ID: 0-1123320326
                                                                                                                                                                        • Opcode ID: c5ffff0b0fb48f257f6e3f3e416897f265b72fd467744e288379938e738f010c
                                                                                                                                                                        • Instruction ID: 7a63b1d2368f3c8cba5dd0f1523b005219ba1bd58d95e5bb5e7682cc9f43bd3e
                                                                                                                                                                        • Opcode Fuzzy Hash: c5ffff0b0fb48f257f6e3f3e416897f265b72fd467744e288379938e738f010c
                                                                                                                                                                        • Instruction Fuzzy Hash: 0AF1C23560C3928FC719CE28C48476AFBE2AFD9304F188A6DE4D987356D734D945CBA2
                                                                                                                                                                        Function 00DC13A3 Relevance: 6.6, Strings: 5, Instructions: 390COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: -$0123456789ABCDEFXP$0123456789abcdefxp$gfff$gfff
                                                                                                                                                                        • API String ID: 0-3620105454
                                                                                                                                                                        • Opcode ID: 18408594f19c566f12f7c25e75e1273800fa83cd0b237a1f61dae8bbe89539dd
                                                                                                                                                                        • Instruction ID: 46eeb69419bcd5572e630676893a5542be573f871c0e662e55da67fc2a9d33cb
                                                                                                                                                                        • Opcode Fuzzy Hash: 18408594f19c566f12f7c25e75e1273800fa83cd0b237a1f61dae8bbe89539dd
                                                                                                                                                                        • Instruction Fuzzy Hash: 27D1AE3560C7928FC719CE29C48076AFBE2AFD9304F08CA6DE4D987356D634D949CB62
                                                                                                                                                                        Function 00DEFD10 Relevance: 5.7, Strings: 4, Instructions: 667COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: :$NA_I$m1s3$uvw
                                                                                                                                                                        • API String ID: 0-3973114637
                                                                                                                                                                        • Opcode ID: 30f4b9168544a24ad3cafc660a24237d87b6bff69a8c339a567bbac1aac4cc8f
                                                                                                                                                                        • Instruction ID: 211b6e644e70e8c19e38e6caac4f05453648590722c93443e7272478549eecce
                                                                                                                                                                        • Opcode Fuzzy Hash: 30f4b9168544a24ad3cafc660a24237d87b6bff69a8c339a567bbac1aac4cc8f
                                                                                                                                                                        • Instruction Fuzzy Hash: 2032AAB1508385DFD311DF29D880B2ABBE5EF8A300F19895CF6D59B292D335D909CB62
                                                                                                                                                                        Function 00DD3BE2 Relevance: 5.4, Strings: 4, Instructions: 431COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($;z$p$ss
                                                                                                                                                                        • API String ID: 0-2391135358
                                                                                                                                                                        • Opcode ID: 2487d4083a5497a3112fab3f1d993b2570768db63c7e9e0b425f250e36b2acc5
                                                                                                                                                                        • Instruction ID: 19a801038eaf3f8bcad4dc3460dca862c78d23fe1d733bfc10bb9083c0841f97
                                                                                                                                                                        • Opcode Fuzzy Hash: 2487d4083a5497a3112fab3f1d993b2570768db63c7e9e0b425f250e36b2acc5
                                                                                                                                                                        • Instruction Fuzzy Hash: E9025AB4810B00DFD7609F29D986756BFF5FB02300F50895DE89A9B796E370A418CFA2
                                                                                                                                                                        Function 00DE2260 Relevance: 5.4, Strings: 4, Instructions: 383COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: a|$hu$lc$sj
                                                                                                                                                                        • API String ID: 0-3748788050
                                                                                                                                                                        • Opcode ID: 03cce7fca6bbed814fc7b5ad211a3174632016c496e32d55a65214fabf6e7186
                                                                                                                                                                        • Instruction ID: 601dbf104696909b249cd1384386653f1db64cbc8197857240785951db85baf3
                                                                                                                                                                        • Opcode Fuzzy Hash: 03cce7fca6bbed814fc7b5ad211a3174632016c496e32d55a65214fabf6e7186
                                                                                                                                                                        • Instruction Fuzzy Hash: E1A1AE704083818BC720EF19C891A3BB7F4FFA5354F588A0CE8D99B291E375D941CBA6
                                                                                                                                                                        Function 00F90D7B Relevance: 5.4, Strings: 3, Instructions: 1631COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: #iru$<j?$N$~
                                                                                                                                                                        • API String ID: 0-2518996731
                                                                                                                                                                        • Opcode ID: 1037106747bdc99187febe2cffba0293d46e0aa33df76253c9194666ec5502b1
                                                                                                                                                                        • Instruction ID: 5e2b73d366aaec813557513fd0aa9bcfe8daf21bdaa83f95d4bed8548571b318
                                                                                                                                                                        • Opcode Fuzzy Hash: 1037106747bdc99187febe2cffba0293d46e0aa33df76253c9194666ec5502b1
                                                                                                                                                                        • Instruction Fuzzy Hash: A8B22AF390C2049FE3146E2DEC8567AFBE9EF94720F1A463DEAC4D3744EA3558058692
                                                                                                                                                                        Function 00F9E5A0 Relevance: 5.3, Strings: 3, Instructions: 1572COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: P,s_$Z+n${C}]
                                                                                                                                                                        • API String ID: 0-2337308888
                                                                                                                                                                        • Opcode ID: 15d639c95f83d8d4bdd432fde3e6c24421d09e393941d23a025962b6b3323943
                                                                                                                                                                        • Instruction ID: 67345ae96daf600ea05b92fac409ddc8c075085c80008edbadc03a2ba76e8997
                                                                                                                                                                        • Opcode Fuzzy Hash: 15d639c95f83d8d4bdd432fde3e6c24421d09e393941d23a025962b6b3323943
                                                                                                                                                                        • Instruction Fuzzy Hash: 79B208F3608204AFE304AE29EC8567ABBE5EFD4320F16893DE6C4C7744E63598118797
                                                                                                                                                                        Function 00F95E7A Relevance: 5.3, Strings: 3, Instructions: 1564COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: \<U$fHw^$$j_
                                                                                                                                                                        • API String ID: 0-4120558422
                                                                                                                                                                        • Opcode ID: 9cc79644c995ef1c81ab155e628e81ebcbf518278fb1e6a0459d4efa9c5022b8
                                                                                                                                                                        • Instruction ID: bcc514500d6e5cf7e58b0d5511f4eff2056d76631dfc95081474760d8328ce50
                                                                                                                                                                        • Opcode Fuzzy Hash: 9cc79644c995ef1c81ab155e628e81ebcbf518278fb1e6a0459d4efa9c5022b8
                                                                                                                                                                        • Instruction Fuzzy Hash: E4B2E5F3A08210AFE3046E2DEC8577ABBE5EF94760F16453DEAC4C3744EA3598058697
                                                                                                                                                                        Function 00DED7AF Relevance: 5.2, Strings: 4, Instructions: 213COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: #'$CV$KV$T>
                                                                                                                                                                        • API String ID: 0-95592268
                                                                                                                                                                        • Opcode ID: c33df8be8c1bb0a51d88339df1186eac3d2ffa09bb24b657d9abf9eb31c5007e
                                                                                                                                                                        • Instruction ID: 539e9cef980eccff96d0135a0e5ea28d82c344fd33f37a527f50505bebe1b563
                                                                                                                                                                        • Opcode Fuzzy Hash: c33df8be8c1bb0a51d88339df1186eac3d2ffa09bb24b657d9abf9eb31c5007e
                                                                                                                                                                        • Instruction Fuzzy Hash: 948145B48017499FDB20EF96D68516EBFB1FF16300F60560CE486ABA55C330AA55CFE2
                                                                                                                                                                        Function 00DEAC91 Relevance: 5.1, Strings: 4, Instructions: 128COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: (g6e$,{*y$4c2a$lk
                                                                                                                                                                        • API String ID: 0-1327526056
                                                                                                                                                                        • Opcode ID: b278369dc483ac7e3fc3fd50f5da32416f6fa7c3493c295e827588e3ffd17b66
                                                                                                                                                                        • Instruction ID: 62285f14a249f3364ba110fbf593222a943300b50583efcc0768ef214ad08440
                                                                                                                                                                        • Opcode Fuzzy Hash: b278369dc483ac7e3fc3fd50f5da32416f6fa7c3493c295e827588e3ffd17b66
                                                                                                                                                                        • Instruction Fuzzy Hash: 854178B4808382CED7209F25D900BABB7F0FF86305F54995DE6C8A7250E775D948CB96
                                                                                                                                                                        Function 00DEC470 Relevance: 4.2, Strings: 3, Instructions: 419COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($%*+($~/i!
                                                                                                                                                                        • API String ID: 0-4033100838
                                                                                                                                                                        • Opcode ID: 7d981dd4be51d049a9c6d511557850f407d1cfa448a939b41973edeefbf25c87
                                                                                                                                                                        • Instruction ID: 6353ad887b1a4c4c91dc7ccc4473118e35ad180bbd20d6822c73ec517168ed4c
                                                                                                                                                                        • Opcode Fuzzy Hash: 7d981dd4be51d049a9c6d511557850f407d1cfa448a939b41973edeefbf25c87
                                                                                                                                                                        • Instruction Fuzzy Hash: 53E198B5518384DFE320AF26D881B5BBBF5FB85340F48882CE69997252D732D815CF62
                                                                                                                                                                        Function 00DC8590 Relevance: 4.1, Strings: 3, Instructions: 387COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: )$)$IEND
                                                                                                                                                                        • API String ID: 0-588110143
                                                                                                                                                                        • Opcode ID: 4db673d54ff572fa2988a15ebaaf9e439f860bb2b9b42163aca54341b8174975
                                                                                                                                                                        • Instruction ID: d05b53ee8a0a960853b74d6820ef9e2fa803e834aa615fa781582b38aa1dc917
                                                                                                                                                                        • Opcode Fuzzy Hash: 4db673d54ff572fa2988a15ebaaf9e439f860bb2b9b42163aca54341b8174975
                                                                                                                                                                        • Instruction Fuzzy Hash: 1FE1BEB1A087029FE310CF29C885B2ABBE0FF94314F14492DE59997381DB75E915DBE2
                                                                                                                                                                        Function 00F97B15 Relevance: 3.9, Strings: 2, Instructions: 1449COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: *4~$d</-
                                                                                                                                                                        • API String ID: 0-247995745
                                                                                                                                                                        • Opcode ID: 688c1c1b351d48688d55c7f9eda270f3f730b7d0b7d8ad869bce644741278198
                                                                                                                                                                        • Instruction ID: 2ccd3fb1c2793f2e99bc02afde85eea592c4db2a106f8074526a475b62d80878
                                                                                                                                                                        • Opcode Fuzzy Hash: 688c1c1b351d48688d55c7f9eda270f3f730b7d0b7d8ad869bce644741278198
                                                                                                                                                                        • Instruction Fuzzy Hash: DDA229F36082049FE304AE2DED8567AFBE9EFD4720F1A863DE6C4C3744E63558058696
                                                                                                                                                                        Function 00E04040 Relevance: 3.1, Strings: 2, Instructions: 577COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+($f
                                                                                                                                                                        • API String ID: 0-2038831151
                                                                                                                                                                        • Opcode ID: a62200b5e1448ae742496237ab4f3f52026e750e376ede8ead269a544318d55d
                                                                                                                                                                        • Instruction ID: ba373faf30a2b906db99d4d75b275c0e8e739866550a754a10f41faab8ab88a5
                                                                                                                                                                        • Opcode Fuzzy Hash: a62200b5e1448ae742496237ab4f3f52026e750e376ede8ead269a544318d55d
                                                                                                                                                                        • Instruction Fuzzy Hash: 00129DB16083419FC715CF14C980B2BBBE2FBC9318F189A2DF694A72D1D735D9858B92
                                                                                                                                                                        Function 00DFF620 Relevance: 3.0, Strings: 2, Instructions: 461COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: dg$hi
                                                                                                                                                                        • API String ID: 0-2859417413
                                                                                                                                                                        • Opcode ID: b52d959b2766a5430083ca3ac7fb552da9e0c98dd0028f0eb14d6181505a3f1b
                                                                                                                                                                        • Instruction ID: e038db5bb0c8b23b3c12c66bb32ad8137c8c3ea0914054270d69028b3d528797
                                                                                                                                                                        • Opcode Fuzzy Hash: b52d959b2766a5430083ca3ac7fb552da9e0c98dd0028f0eb14d6181505a3f1b
                                                                                                                                                                        • Instruction Fuzzy Hash: 29F19571618301EFE704CF25D891B6ABBE6FF89344F15992CF2959B2A1C734D845CB22
                                                                                                                                                                        Function 00DC35B0 Relevance: 2.9, Strings: 2, Instructions: 411COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: Inf$NaN
                                                                                                                                                                        • API String ID: 0-3500518849
                                                                                                                                                                        • Opcode ID: 0fb0e578fb17dad982ad3410f02a062d5cbae18064a002300cab08b5fd435f17
                                                                                                                                                                        • Instruction ID: fe3bbd31bf88d15c88bc688130258903cb9c1868b42639fd360f189149f7071f
                                                                                                                                                                        • Opcode Fuzzy Hash: 0fb0e578fb17dad982ad3410f02a062d5cbae18064a002300cab08b5fd435f17
                                                                                                                                                                        • Instruction Fuzzy Hash: A7D1D371A183129BC704CF29C880B1ABBE1EFC8750F15CA2DF9D9973A0E675DD458B92
                                                                                                                                                                        Function 00DDFFDF Relevance: 2.7, Strings: 2, Instructions: 185COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: BaBc$Ye[g
                                                                                                                                                                        • API String ID: 0-286865133
                                                                                                                                                                        • Opcode ID: 6495a13e6ee85fae8869e4606fde7ec8a458f962b61d132e6bee86fc2608087c
                                                                                                                                                                        • Instruction ID: 111ced5d6e6955ae752ade6daa4ac35c673a912826fcb711b1e4e63d0006cc4d
                                                                                                                                                                        • Opcode Fuzzy Hash: 6495a13e6ee85fae8869e4606fde7ec8a458f962b61d132e6bee86fc2608087c
                                                                                                                                                                        • Instruction Fuzzy Hash: 65519C716083818BD731DF59C481BABBBE0FF96310F19491DE4998B651E3B49980CB67
                                                                                                                                                                        Function 00DC5160 Relevance: 1.8, Strings: 1, Instructions: 577COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %1.17g
                                                                                                                                                                        • API String ID: 0-1551345525
                                                                                                                                                                        • Opcode ID: 595186172e1fe160c0c5349397f7e87c6cf1101f7cc899668346576e987b1c33
                                                                                                                                                                        • Instruction ID: ebfb9a42b9cbd89ad6ceb98534bb80767d2e18442ccda7e1e7584b95a0acc4dc
                                                                                                                                                                        • Opcode Fuzzy Hash: 595186172e1fe160c0c5349397f7e87c6cf1101f7cc899668346576e987b1c33
                                                                                                                                                                        • Instruction Fuzzy Hash: BD22C5B6608B43CBE7158E18E540B26BBA2AFE0304F1D856DD8994B389E771FCC5C761
                                                                                                                                                                        Function 00DF12D0 Relevance: 1.7, Strings: 1, Instructions: 484COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: "
                                                                                                                                                                        • API String ID: 0-123907689
                                                                                                                                                                        • Opcode ID: 1e36e4a90a5bcd9904d9a2755a98640d2f51fe7f53356f7c076c40d918f289ea
                                                                                                                                                                        • Instruction ID: 69506f9c26846f48324fa963958e35a437e06d1d49583ef7e36c9566206a0e50
                                                                                                                                                                        • Opcode Fuzzy Hash: 1e36e4a90a5bcd9904d9a2755a98640d2f51fe7f53356f7c076c40d918f289ea
                                                                                                                                                                        • Instruction Fuzzy Hash: 79F15679A083499BC724CE24C480A3BBBE5AFC5340F0EC56CE98987382D631DD05C7B2
                                                                                                                                                                        Function 00DEAE57 Relevance: 1.7, Strings: 1, Instructions: 455COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: ab68dc09813367dfefc5c3cd1d515dfced14bc1b039595f72210a5ce023baceb
                                                                                                                                                                        • Instruction ID: 81797eea0c067db61791b34f96ec0a237f5059a57cc11e26c87f3fd90d870419
                                                                                                                                                                        • Opcode Fuzzy Hash: ab68dc09813367dfefc5c3cd1d515dfced14bc1b039595f72210a5ce023baceb
                                                                                                                                                                        • Instruction Fuzzy Hash: B6E1BA71508346CBC314EF2AC49056BB3E2FF997A1F58891DE5C597260E330EA59CBA2
                                                                                                                                                                        Function 00DD6EBF Relevance: 1.7, Strings: 1, Instructions: 447COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 10a857ea7f6d8f9d8ab42e570de9bbc3a98e4d8bb968ecdcfff883c5a2d026ca
                                                                                                                                                                        • Instruction ID: ce2769ff8d3afa819bcfb048eda26fe9ee3366e543810ac33403edd154d87340
                                                                                                                                                                        • Opcode Fuzzy Hash: 10a857ea7f6d8f9d8ab42e570de9bbc3a98e4d8bb968ecdcfff883c5a2d026ca
                                                                                                                                                                        • Instruction Fuzzy Hash: A5F1A075610A01CFD734DF29D881A26B3F2FF48314B148A2EE59787B91EB31E855CBA0
                                                                                                                                                                        Function 00DE7E60 Relevance: 1.7, Strings: 1, Instructions: 425COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: a8823c489e412843743fcd01a5a214da674cd766f01c2e63429dbf2dfd633ddc
                                                                                                                                                                        • Instruction ID: 58caf786be740337906e6ce288438e425b1867728a593374e57108f12dc5e42c
                                                                                                                                                                        • Opcode Fuzzy Hash: a8823c489e412843743fcd01a5a214da674cd766f01c2e63429dbf2dfd633ddc
                                                                                                                                                                        • Instruction Fuzzy Hash: 2EC1BF71508380ABD710AF16C882A2BB7F5EF95754F08881CF9C99B292E735DD05DBB2
                                                                                                                                                                        Function 00DE8D62 Relevance: 1.7, Strings: 1, Instructions: 410COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 06fa714e42d2478ee53a68b0d4c23f572345289cf9ec18f845341a4bed9446ab
                                                                                                                                                                        • Instruction ID: a0ce3a42ce77008adc1a75b6209786a66890b8c535ac7e331935fafe6e091551
                                                                                                                                                                        • Opcode Fuzzy Hash: 06fa714e42d2478ee53a68b0d4c23f572345289cf9ec18f845341a4bed9446ab
                                                                                                                                                                        • Instruction Fuzzy Hash: DCD10070608342DFD704DF6AEC91A6AB7E5FF88300F49886CF88697291D771E984CB61
                                                                                                                                                                        Function 00E07FC0 Relevance: 1.6, Strings: 1, Instructions: 387COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: P
                                                                                                                                                                        • API String ID: 0-3110715001
                                                                                                                                                                        • Opcode ID: 92dfb8acf13d0f32fce66c6118770533a5a1fba153f3c16fc5bf52c7fc821f3c
                                                                                                                                                                        • Instruction ID: 5986f07563b974470b63894189d7e65561018a6b683f2b6c55035aad99b4af56
                                                                                                                                                                        • Opcode Fuzzy Hash: 92dfb8acf13d0f32fce66c6118770533a5a1fba153f3c16fc5bf52c7fc821f3c
                                                                                                                                                                        • Instruction Fuzzy Hash: E3D1C1729082658FC725CE18A89075EB6E1EBC5718F159A2CE8F5BB3D0CB719C86C7C1
                                                                                                                                                                        Function 00E06CBF Relevance: 1.6, Strings: 1, Instructions: 384COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: "p
                                                                                                                                                                        • API String ID: 0-1647296830
                                                                                                                                                                        • Opcode ID: d3d2a55a5da04a962ec4e59167a0b0cb268b447040831ae45445421ec5cdaf61
                                                                                                                                                                        • Instruction ID: a095987acb4ef839d353ebc25828b7a877564873518c3e37d98384d3d3eaf48b
                                                                                                                                                                        • Opcode Fuzzy Hash: d3d2a55a5da04a962ec4e59167a0b0cb268b447040831ae45445421ec5cdaf61
                                                                                                                                                                        • Instruction Fuzzy Hash: D4D1F236618351CFC714CF39D8C056AFBE2AB89314F098A6DE495E73A1D330DA49CBA1
                                                                                                                                                                        Function 00DECCD0 Relevance: 1.6, Strings: 1, Instructions: 357COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 2994545307-3233224373
                                                                                                                                                                        • Opcode ID: c5467e3cc77b61a23c392e96d4ca5f1e1c097bccfb83798c32dae7b4e20651ed
                                                                                                                                                                        • Instruction ID: c4e5d9028d3be69321f0ff52f38de26483a17b9a4958509c46c4c4568cdd9ef9
                                                                                                                                                                        • Opcode Fuzzy Hash: c5467e3cc77b61a23c392e96d4ca5f1e1c097bccfb83798c32dae7b4e20651ed
                                                                                                                                                                        • Instruction Fuzzy Hash: D8B111716193818FD714EF1AD881B2BBBE2EF85340F18582CE5C59B291E731D856CBB2
                                                                                                                                                                        Function 00DCA850 Relevance: 1.5, Strings: 1, Instructions: 271COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: ,
                                                                                                                                                                        • API String ID: 0-3772416878
                                                                                                                                                                        • Opcode ID: 6a3fef2072c4110c7e08f213014c8aa891b97c95317c3c670d38149bab24221c
                                                                                                                                                                        • Instruction ID: 1c293d323b7b3f27c158ef5221afc5048dbacea6f03bdb96dd801067c3d0c282
                                                                                                                                                                        • Opcode Fuzzy Hash: 6a3fef2072c4110c7e08f213014c8aa891b97c95317c3c670d38149bab24221c
                                                                                                                                                                        • Instruction Fuzzy Hash: BAB12A711083859FD325CF58C880B1BBBE1AFA9708F484A2DF5D997342D671EA18CB67
                                                                                                                                                                        Function 00DFFC20 Relevance: 1.5, Strings: 1, Instructions: 265COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 98f9d3355f9a903f9639a2e2cb3a87064e8678feb4184fd5e3bf57f2d479fad7
                                                                                                                                                                        • Instruction ID: 7a0f95f0241eabae64990019b931c30f20f7b52a62a0d6242bd77e939ccdc94a
                                                                                                                                                                        • Opcode Fuzzy Hash: 98f9d3355f9a903f9639a2e2cb3a87064e8678feb4184fd5e3bf57f2d479fad7
                                                                                                                                                                        • Instruction Fuzzy Hash: 6F81B871608204EFD710DF69DC85A2AB7E5FF99701F09882CF6C4A7292D731E859CB62
                                                                                                                                                                        Function 00DDD457 Relevance: 1.5, Strings: 1, Instructions: 248COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 245e64a6133249161a007dbc9444daddead4fb86a9ca0bba682cc8a8d3192315
                                                                                                                                                                        • Instruction ID: 756fbe9aa25eec1fc782e2007e5b78ddaf62ceb02ce44cfda8340643a464a30a
                                                                                                                                                                        • Opcode Fuzzy Hash: 245e64a6133249161a007dbc9444daddead4fb86a9ca0bba682cc8a8d3192315
                                                                                                                                                                        • Instruction Fuzzy Hash: 4B611372909204DFCB10EF18DC42A6A73B1FF95344F08492DF98997392E375E905C7A2
                                                                                                                                                                        Function 00E04A40 Relevance: 1.5, Strings: 1, Instructions: 220COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 1a5aeae17874c31bf497a693e98edc2c87cbe11f8311320d4fb234cf19dd998c
                                                                                                                                                                        • Instruction ID: 042b55333e875fc0d8042c7fb6bc817cb1a07b720acec5ade2ea6c55c2fe31a1
                                                                                                                                                                        • Opcode Fuzzy Hash: 1a5aeae17874c31bf497a693e98edc2c87cbe11f8311320d4fb234cf19dd998c
                                                                                                                                                                        • Instruction Fuzzy Hash: ED61DDF16083019BE711DF65C980B2AF7E6EBC4318F18991CEA85A72D1D671EC90CB52
                                                                                                                                                                        Function 00EE177A Relevance: 1.5, Strings: 1, Instructions: 218COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 9P
                                                                                                                                                                        • API String ID: 0-1555359944
                                                                                                                                                                        • Opcode ID: 4508d00f274c1a97a6f1d9d86ea2424ae12f8e5c71f7cbc221ff63750ccd302b
                                                                                                                                                                        • Instruction ID: 2c0167c942f4fe87b79c78fe760b1cb526b23d9bf0d64e41d878e8646246b980
                                                                                                                                                                        • Opcode Fuzzy Hash: 4508d00f274c1a97a6f1d9d86ea2424ae12f8e5c71f7cbc221ff63750ccd302b
                                                                                                                                                                        • Instruction Fuzzy Hash: 9761A3F3A082009FE3556E29DC8576AB7E2EF94310F1A493DD6C9C3780E67998418B87
                                                                                                                                                                        Function 00EB42DE Relevance: 1.5, Strings: 1, Instructions: 208COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: {ioM
                                                                                                                                                                        • API String ID: 0-812925547
                                                                                                                                                                        • Opcode ID: 560cfee3cb6f3e10f28d8f8803f54e4a1c51eb18201f541f75703e6acbe1ba70
                                                                                                                                                                        • Instruction ID: 3619253f0b539b8c9d2d0f1574278df89134a062f23a2fc51a799ad8a7b6a4aa
                                                                                                                                                                        • Opcode Fuzzy Hash: 560cfee3cb6f3e10f28d8f8803f54e4a1c51eb18201f541f75703e6acbe1ba70
                                                                                                                                                                        • Instruction Fuzzy Hash: E0519AF3A086046FE3006A2DEC4577ABBDADBD4320F1B463DE6D4C3784E93994058686
                                                                                                                                                                        Function 00DCE1A0 Relevance: 1.4, Strings: 1, Instructions: 175COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        • 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081, xrefs: 00DCE333
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081
                                                                                                                                                                        • API String ID: 0-2471034898
                                                                                                                                                                        • Opcode ID: 3843fbbfdf82afbd02aecac20dc37033a90a461de1b5b108b69013b2fd836fb6
                                                                                                                                                                        • Instruction ID: 46d4c855eda33b0a93805b050e65f6120921ea2b4c1c89bce585839a474df7a3
                                                                                                                                                                        • Opcode Fuzzy Hash: 3843fbbfdf82afbd02aecac20dc37033a90a461de1b5b108b69013b2fd836fb6
                                                                                                                                                                        • Instruction Fuzzy Hash: 4A512773A196D24BD338897D4C557A9AB870FA2334B3DC76EE9F18B3E1D556880483A0
                                                                                                                                                                        Function 00E03920 Relevance: 1.4, Strings: 1, Instructions: 172COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 7e8901b385c035c3cbe02cc88bba274c7dae01dc08aa2b9b89cd1a6154160cf4
                                                                                                                                                                        • Instruction ID: afb466d2d5f9b30fe8e27cd63e7cc4f0cecf944d0330e91f06e784a56895f020
                                                                                                                                                                        • Opcode Fuzzy Hash: 7e8901b385c035c3cbe02cc88bba274c7dae01dc08aa2b9b89cd1a6154160cf4
                                                                                                                                                                        • Instruction Fuzzy Hash: 1B519E35609200DFCB24DF65D880A2ABBFAEFC5748F18991DE4C6A7291D371DD90CB62
                                                                                                                                                                        Function 00EC10DB Relevance: 1.4, Strings: 1, Instructions: 152COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: QE}~
                                                                                                                                                                        • API String ID: 0-159949680
                                                                                                                                                                        • Opcode ID: 105663a0ce520a5e11a0a651d970f584a4890daa5d3d36c7016b4902516436c9
                                                                                                                                                                        • Instruction ID: 8f6eea0fbfe7eba444e2c868894bb1fd37168fac7020d769352533421ec493a9
                                                                                                                                                                        • Opcode Fuzzy Hash: 105663a0ce520a5e11a0a651d970f584a4890daa5d3d36c7016b4902516436c9
                                                                                                                                                                        • Instruction Fuzzy Hash: 364168F3B083045BF308692DEC89767B6C6DBC4320F2B423DDA45C7B84ED7A58014245
                                                                                                                                                                        Function 00F0C991 Relevance: 1.4, Strings: 1, Instructions: 143COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 1THx
                                                                                                                                                                        • API String ID: 0-1679358647
                                                                                                                                                                        • Opcode ID: 9198392358725e78424e84b21c0bb4fb0c54fd032ddc9c4da00e6ebb99d0f80a
                                                                                                                                                                        • Instruction ID: 0a0c34531910cc6fb3938476bbe4f8fd71cf4d6e56507da98d740724d1ae20a1
                                                                                                                                                                        • Opcode Fuzzy Hash: 9198392358725e78424e84b21c0bb4fb0c54fd032ddc9c4da00e6ebb99d0f80a
                                                                                                                                                                        • Instruction Fuzzy Hash: E141E1F3A186149FE3046E29DC857BABBD5EB98320F1B093DDBC4D3780E67548458B86
                                                                                                                                                                        Function 00DD1BEE Relevance: 1.4, Strings: 1, Instructions: 128COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: L3
                                                                                                                                                                        • API String ID: 0-2730849248
                                                                                                                                                                        • Opcode ID: 51bc8be1cae60a57bf7c6667db276b1feaf42c46af586b7bc45782baaf90c086
                                                                                                                                                                        • Instruction ID: a319fa659e552265cc5a0fd99f4946b0ace73987211e011e560954dc0ca7220a
                                                                                                                                                                        • Opcode Fuzzy Hash: 51bc8be1cae60a57bf7c6667db276b1feaf42c46af586b7bc45782baaf90c086
                                                                                                                                                                        • Instruction Fuzzy Hash: AF4161B8018380ABC7149F69C894A2FBBF0FF86314F08891DF5C5AB290D736C9158B66
                                                                                                                                                                        Function 00DFFF70 Relevance: 1.4, Strings: 1, Instructions: 124COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: b1bd6d739732e44bb095e902fe25e30fffeee832d7cf991f50504ab06414cb20
                                                                                                                                                                        • Instruction ID: facaf959d926352283913726c74a9e00cd1230a1b57a87e562ff8df1ac30a3dc
                                                                                                                                                                        • Opcode Fuzzy Hash: b1bd6d739732e44bb095e902fe25e30fffeee832d7cf991f50504ab06414cb20
                                                                                                                                                                        • Instruction Fuzzy Hash: 4D31D6B1A04305ABD610EE54DC81F2BB7E9EF85748F545C28F985E7292E232DC94C763
                                                                                                                                                                        Function 00DEE40C Relevance: 1.4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 72?1
                                                                                                                                                                        • API String ID: 0-1649870076
                                                                                                                                                                        • Opcode ID: 9914bed8027e21d107699a912f21b19ccc1e3b32f2fcbe2d14c2580994163ec4
                                                                                                                                                                        • Instruction ID: 8509c953755e25e8ecbb07fd97c00ac3515ee3527fd9c6c49474386d9c8aa12b
                                                                                                                                                                        • Opcode Fuzzy Hash: 9914bed8027e21d107699a912f21b19ccc1e3b32f2fcbe2d14c2580994163ec4
                                                                                                                                                                        • Instruction Fuzzy Hash: 4431E6B5900245CFCB20EF96E8809AFBBB5FB46305F58486CE54AA7301D331A905CBB2
                                                                                                                                                                        Function 00DD6F91 Relevance: 1.4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: %*+(
                                                                                                                                                                        • API String ID: 0-3233224373
                                                                                                                                                                        • Opcode ID: 84b027def469715d3805cb6965ba6cc9d686abe8c5b218882575ac5eb81714b7
                                                                                                                                                                        • Instruction ID: 44cea0297ea592ffa42f7137ede2618cc5c306c5ca1893dec4b1535fa6ed5f7a
                                                                                                                                                                        • Opcode Fuzzy Hash: 84b027def469715d3805cb6965ba6cc9d686abe8c5b218882575ac5eb81714b7
                                                                                                                                                                        • Instruction Fuzzy Hash: FD414572205B04DFD7348F66C995B26B7F2FB49701F18885AE5869BBA1E371F8008B60
                                                                                                                                                                        Function 00DEE66A Relevance: 1.4, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID: 72?1
                                                                                                                                                                        • API String ID: 0-1649870076
                                                                                                                                                                        • Opcode ID: 4480e12bd16211f5586fc74cc1dcaa53c4335d8a711786aebf72871499b2c659
                                                                                                                                                                        • Instruction ID: ef701d5f2d65ea2a1cceb8cecc0ceb32d45f99af957dd1dbb72ba2abf3f87186
                                                                                                                                                                        • Opcode Fuzzy Hash: 4480e12bd16211f5586fc74cc1dcaa53c4335d8a711786aebf72871499b2c659
                                                                                                                                                                        • Instruction Fuzzy Hash: 7621E2B1900245CFC720EF96D880AAFBBB5FB4A700F58485CE586AB301C331AD05CBB2
                                                                                                                                                                        Function 00E09CE0 Relevance: 1.3, Strings: 1, Instructions: 87COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Strings
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID: @
                                                                                                                                                                        • API String ID: 2994545307-2766056989
                                                                                                                                                                        • Opcode ID: e4cdbc5f2e530de9c323c367389d5ba353c9634a1f5f91efd24a0024fa4e275a
                                                                                                                                                                        • Instruction ID: 12feb3a472003d1189e97b529351bdc43598887637c3e78c20cbe12e404b00c5
                                                                                                                                                                        • Opcode Fuzzy Hash: e4cdbc5f2e530de9c323c367389d5ba353c9634a1f5f91efd24a0024fa4e275a
                                                                                                                                                                        • Instruction Fuzzy Hash: 26315A705093009BD314EF15D880A2BFBF9EF9A318F14992DE5C4A7292D375D944CB66
                                                                                                                                                                        Function 00DD4E2A Relevance: 1.0, Instructions: 957COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 92b529072f0fc0884278474a8267c94c62845236c88a7b62c06384291dfbc9c7
                                                                                                                                                                        • Instruction ID: a90a5407844d1eceeb4e2caa8f2eda0f11f7a119864b4de3c6f41bdb0e1ef228
                                                                                                                                                                        • Opcode Fuzzy Hash: 92b529072f0fc0884278474a8267c94c62845236c88a7b62c06384291dfbc9c7
                                                                                                                                                                        • Instruction Fuzzy Hash: A8625774510B418FD735CF28E890B26B7F6EF46700F58892ED49A87B56E731E848CBA0
                                                                                                                                                                        Function 00DCBEB0 Relevance: .9, Instructions: 895COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 30cb9a533554be97e06675d3460cdff0be9d55b2c6c1132c24f0b6137cc6b4a7
                                                                                                                                                                        • Instruction ID: 34a1d48e7ba5661304797eb0bce68323473d18fca2c3b95c468c07ab0d9a613e
                                                                                                                                                                        • Opcode Fuzzy Hash: 30cb9a533554be97e06675d3460cdff0be9d55b2c6c1132c24f0b6137cc6b4a7
                                                                                                                                                                        • Instruction Fuzzy Hash: 01521A316287128BC7259F18D4407BBF3E1FFC4319F299A2DDACA93290D734A851CB96
                                                                                                                                                                        Function 00E08652 Relevance: .7, Instructions: 710COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: f8790467877081e3dd9e1188ecea9c0fff3d947dfefe10e8de253e199523898c
                                                                                                                                                                        • Instruction ID: 5dac64c193966abdd0f5e73966160502b0efdc44da68e81106ff113f005cfc96
                                                                                                                                                                        • Opcode Fuzzy Hash: f8790467877081e3dd9e1188ecea9c0fff3d947dfefe10e8de253e199523898c
                                                                                                                                                                        • Instruction Fuzzy Hash: 0A22FCB5609341DFC704DF69E88066AB7F1FF89315F09886DE489A73A2C735D894CB42
                                                                                                                                                                        Function 00E086F0 Relevance: .7, Instructions: 681COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 598f0e6252f680bffc4755f7fc7771ae956ba175f28f114cd208255f2dc1cb0d
                                                                                                                                                                        • Instruction ID: aec16cd87353b413acf55a90dcc546458cf2e2d506f8283a3a0c5a2ec9724e5b
                                                                                                                                                                        • Opcode Fuzzy Hash: 598f0e6252f680bffc4755f7fc7771ae956ba175f28f114cd208255f2dc1cb0d
                                                                                                                                                                        • Instruction Fuzzy Hash: 8322CAB5609340DFC704DF69E89065ABBF1FB8A305F09896DE4C9A73A2C735D894CB42
                                                                                                                                                                        Function 00DCB3A0 Relevance: .7, Instructions: 670COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 11168e8b8cf80ce9ef9bdf119e8a62beb32c7117f9f19a9ffad7be406d03574d
                                                                                                                                                                        • Instruction ID: 6cc438dc7b064d14c76062850c1517dc02155c66d6c685e1c5d1e35b77c25867
                                                                                                                                                                        • Opcode Fuzzy Hash: 11168e8b8cf80ce9ef9bdf119e8a62beb32c7117f9f19a9ffad7be406d03574d
                                                                                                                                                                        • Instruction Fuzzy Hash: 4852C8709087858FEB35CB24C045BA7BBE1EF95324F184C2EC5E607A82C779E885CB65
                                                                                                                                                                        Function 00DC71F0 Relevance: .7, Instructions: 657COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 23267604f4cd3ff9823ae2fb2474bc0f999ee19afc4a810b8c0ec3bcb81b4532
                                                                                                                                                                        • Instruction ID: e35929dceee19daa01b62819474421042ee557283e17c76ed6f382bbc315a2a0
                                                                                                                                                                        • Opcode Fuzzy Hash: 23267604f4cd3ff9823ae2fb2474bc0f999ee19afc4a810b8c0ec3bcb81b4532
                                                                                                                                                                        • Instruction Fuzzy Hash: 52528E3150C3468FCB15CF29C090BAABBE2BF88314F198A6DE89997351D774D989CF91
                                                                                                                                                                        Function 00DC8FD0 Relevance: .6, Instructions: 620COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 3fa32e300c221ec505ad461099766a27fda18e1de9ca3d0e2d2c3253e5d857cc
                                                                                                                                                                        • Instruction ID: b406640bfd58f255577289d4f4b7a9828d5e3dddfd25af333349f90dac213e40
                                                                                                                                                                        • Opcode Fuzzy Hash: 3fa32e300c221ec505ad461099766a27fda18e1de9ca3d0e2d2c3253e5d857cc
                                                                                                                                                                        • Instruction Fuzzy Hash: 64426775608302DFD708CF29D864B5ABBE1BF88315F09886CE4958B391D73AD989CF52
                                                                                                                                                                        Function 00DC7BF0 Relevance: .6, Instructions: 592COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 2d3aef99367f62e0916239a7ec480fcbf2c425f3c8f74b6cff9783156f1ac1e1
                                                                                                                                                                        • Instruction ID: 682afde593291bff4fa87a538811d480bcae48dc987c542a1e9ae9f60ef25777
                                                                                                                                                                        • Opcode Fuzzy Hash: 2d3aef99367f62e0916239a7ec480fcbf2c425f3c8f74b6cff9783156f1ac1e1
                                                                                                                                                                        • Instruction Fuzzy Hash: 9D322270514B128FC338CF29C690A6ABBF1BF45710B644A2ED6A787B90D736F845DB24
                                                                                                                                                                        Function 00E089A0 Relevance: .5, Instructions: 545COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 5dbdfa1d188cee5dac74eb2d1a03db6f39b145ad7e051a61273dd6423ba92bf1
                                                                                                                                                                        • Instruction ID: 49b5ed7f064c709119d2aa2ec907f57d23f5b3854ba7370da35bcafc15e141ff
                                                                                                                                                                        • Opcode Fuzzy Hash: 5dbdfa1d188cee5dac74eb2d1a03db6f39b145ad7e051a61273dd6423ba92bf1
                                                                                                                                                                        • Instruction Fuzzy Hash: 2502AA75608341DFC704DF69E880A5AFBE1EF8A305F09896DE4C5A73A2C335D994CB92
                                                                                                                                                                        Function 00E08A80 Relevance: .5, Instructions: 524COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 39b09cb520fa482fe2187d170f6b8695ad6850309dc2931c0ab487838b8b6ed0
                                                                                                                                                                        • Instruction ID: 1b370adddd0fad9b32791e7592811285fa1a94d72e2e9bfc7efda5683f366822
                                                                                                                                                                        • Opcode Fuzzy Hash: 39b09cb520fa482fe2187d170f6b8695ad6850309dc2931c0ab487838b8b6ed0
                                                                                                                                                                        • Instruction Fuzzy Hash: 80F19975608341DFC704DF69E88061EFBE1EB8A305F09892DE4D5A73A2D336D994CB92
                                                                                                                                                                        Function 00E08C02 Relevance: .5, Instructions: 487COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 06fe7edb445e3a4d953b4a0c50d1276e90724058db9c60ee20196b467508a295
                                                                                                                                                                        • Instruction ID: 59154052ae41fe901dd70f474a2d49ec8fbc7ca26b387fd7f81dd406f12a0018
                                                                                                                                                                        • Opcode Fuzzy Hash: 06fe7edb445e3a4d953b4a0c50d1276e90724058db9c60ee20196b467508a295
                                                                                                                                                                        • Instruction Fuzzy Hash: FCE1CE71608341CFC304DF29E88066AF7E1FB8A315F09896CE4D5A73A2D736D994CB92
                                                                                                                                                                        Function 00DCA300 Relevance: .5, Instructions: 459COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 8dbf8a9190905fd82ba4d34b3568b61c3c587483ba5650872ac470c2db95d517
                                                                                                                                                                        • Instruction ID: 449d3e3b3b8252f1b66b3dd0579fa63148d46b7c50640e654b3be69b418e9a60
                                                                                                                                                                        • Opcode Fuzzy Hash: 8dbf8a9190905fd82ba4d34b3568b61c3c587483ba5650872ac470c2db95d517
                                                                                                                                                                        • Instruction Fuzzy Hash: EFF1AE756087468FC724CF29C881B6BFBE2AFD8304F08882DE5D987751E635E945CB62
                                                                                                                                                                        Function 00E08E70 Relevance: .4, Instructions: 420COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: d96f805f51737196861e9a7401e01e8dc1ab7ea1cff67e74817448fdc409e027
                                                                                                                                                                        • Instruction ID: 9048a4fe23b3bb23a0f5464e37d17139be008ee7ada216a7f05fc9e7a2f99f00
                                                                                                                                                                        • Opcode Fuzzy Hash: d96f805f51737196861e9a7401e01e8dc1ab7ea1cff67e74817448fdc409e027
                                                                                                                                                                        • Instruction Fuzzy Hash: 48D1AD7460C341DFD304DF28D88062AFBE5EB8A305F09896CE4D5A73A2D736D894CB52
                                                                                                                                                                        Function 00DD4487 Relevance: .4, Instructions: 389COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 515f411d889eda6d2bea7ccafef1002298822dd5b625610fd8824944a48d8c55
                                                                                                                                                                        • Instruction ID: e3b6c335bec70f7d8bae5bda2228cbd413e4374695d325d4aa8365536ddd8472
                                                                                                                                                                        • Opcode Fuzzy Hash: 515f411d889eda6d2bea7ccafef1002298822dd5b625610fd8824944a48d8c55
                                                                                                                                                                        • Instruction Fuzzy Hash: EDE1EFB5501B008FD325CF28D992B97BBE1FF06705F04886DE4AA87B52E735B854CB64
                                                                                                                                                                        Function 00E07AB0 Relevance: .4, Instructions: 354COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 3770e32bb40515ffbd3339a9b3e74945c0541f5d8b7bb85699d3bc87feb8f3fb
                                                                                                                                                                        • Instruction ID: 9b96800cf05214d8342f6289636f3d02624de495c34ed7617a676cd153d64c70
                                                                                                                                                                        • Opcode Fuzzy Hash: 3770e32bb40515ffbd3339a9b3e74945c0541f5d8b7bb85699d3bc87feb8f3fb
                                                                                                                                                                        • Instruction Fuzzy Hash: 42B10372E0C3504BE314DA28CC85B6BB7E5EBC9314F08592DE9D9A73C2E635EC458792
                                                                                                                                                                        Function 00DCAF10 Relevance: .3, Instructions: 303COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 9c6117061885288c1b39a5b943f8482e52345fd8b1a48c2f17ef7dcb0cf10c7c
                                                                                                                                                                        • Instruction ID: f06fdd4054acdd5a73c65a178bc88e9a1c64384b602e30df0752da83c53ad0e7
                                                                                                                                                                        • Opcode Fuzzy Hash: 9c6117061885288c1b39a5b943f8482e52345fd8b1a48c2f17ef7dcb0cf10c7c
                                                                                                                                                                        • Instruction Fuzzy Hash: 96C16D72A087418FC360CF68DC96BABB7E1BF85318F08492DD1D9C7242D778A155CB55
                                                                                                                                                                        Function 00DD6536 Relevance: .3, Instructions: 295COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 9e87338b79f05808be7405af7b9e46e17797fdce59d24c362ed7b091b6cf30c8
                                                                                                                                                                        • Instruction ID: c6d071166e502fbc14e201d09e214b029ff8e90cfbae4ab50687018c3d471e80
                                                                                                                                                                        • Opcode Fuzzy Hash: 9e87338b79f05808be7405af7b9e46e17797fdce59d24c362ed7b091b6cf30c8
                                                                                                                                                                        • Instruction Fuzzy Hash: F7B101B4500B408BD3218F24D991B27BBF1EF46704F14885DE8AA8BB52E775F805CBA5
                                                                                                                                                                        Function 00E07710 Relevance: .3, Instructions: 287COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID: InitializeThunk
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID: 2994545307-0
                                                                                                                                                                        • Opcode ID: b08935a118c282fc72304cc26c24c860564e75f28854a84642366f889778da2c
                                                                                                                                                                        • Instruction ID: 0773af60519a37a1cf93b3aac05b71a9d9001a9e069b6590b138497e49aa8351
                                                                                                                                                                        • Opcode Fuzzy Hash: b08935a118c282fc72304cc26c24c860564e75f28854a84642366f889778da2c
                                                                                                                                                                        • Instruction Fuzzy Hash: 24919C71A08301ABE724DA14C881BABB7E5EB85354F54981DF8D4A73D1E730E980CBA2
                                                                                                                                                                        Function 00E0A0D0 Relevance: .3, Instructions: 282COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 36b2a2d11eeee3030cf8ea178a244abd0a8536f7a1ea3670d7fe32b36db4626e
                                                                                                                                                                        • Instruction ID: 3c2fac61f101672be61f9385778b644146c205bcec72dec3a6d5d4b0af05f07d
                                                                                                                                                                        • Opcode Fuzzy Hash: 36b2a2d11eeee3030cf8ea178a244abd0a8536f7a1ea3670d7fe32b36db4626e
                                                                                                                                                                        • Instruction Fuzzy Hash: 4381AF352093058FD724DF28C880A2EB7F5EF99744F09992CE585A72A1E735EC90CB92
                                                                                                                                                                        Function 00DF64F0 Relevance: .2, Instructions: 246COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: f469383aa6d5810bd951bb0e91feb85ddf6b8f257e7e7d4e1a9e0c0c39acf6e4
                                                                                                                                                                        • Instruction ID: 29aff09e280fe195417cacdf20ff36186a9a94cef0120110a1a2523466100d3b
                                                                                                                                                                        • Opcode Fuzzy Hash: f469383aa6d5810bd951bb0e91feb85ddf6b8f257e7e7d4e1a9e0c0c39acf6e4
                                                                                                                                                                        • Instruction Fuzzy Hash: FC71F833B29A944BC3149D7D5C423A5AA834BD6334B3EC379EAB4DB7E5D52ACC054360
                                                                                                                                                                        Function 00DE28E9 Relevance: .2, Instructions: 244COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 201d44fc0b4f4551249a5ec965d10645ce295cf90cda2963c33e63c4b2f81287
                                                                                                                                                                        • Instruction ID: 3be052f6e75b6626dd8ba3056235cd6aac615a1e5ef9273bdb09017c6e0c69f3
                                                                                                                                                                        • Opcode Fuzzy Hash: 201d44fc0b4f4551249a5ec965d10645ce295cf90cda2963c33e63c4b2f81287
                                                                                                                                                                        • Instruction Fuzzy Hash: 1B6185B44183808BD310AF1AD891A2BBBF4EFA2750F18891CE5C59B261E379C910CB66
                                                                                                                                                                        Function 00DE7C00 Relevance: .2, Instructions: 243COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 91f9a3558c6d2b7b1cfb4d24d8710871fe02a8baa5f49c1cb10f1a87489cff48
                                                                                                                                                                        • Instruction ID: 9b80d075fdfce8d51c13db94b8af8f152f96630e5ebe140b0493a3383533eb1b
                                                                                                                                                                        • Opcode Fuzzy Hash: 91f9a3558c6d2b7b1cfb4d24d8710871fe02a8baa5f49c1cb10f1a87489cff48
                                                                                                                                                                        • Instruction Fuzzy Hash: 8C51D0B16082449BDB60AB25CC86BB733B8EF85754F184958F985CB290F375DC01C771
                                                                                                                                                                        Function 00DF1860 Relevance: .2, Instructions: 217COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 6d108e008403b3c92b59985e25fae4eb0cb21936506a5ffd7efe5999b9cc5533
                                                                                                                                                                        • Instruction ID: 89c01d8a35b136786e4aff457a5f763ff2b85cc06f89c6802ad4b8dc21de88ab
                                                                                                                                                                        • Opcode Fuzzy Hash: 6d108e008403b3c92b59985e25fae4eb0cb21936506a5ffd7efe5999b9cc5533
                                                                                                                                                                        • Instruction Fuzzy Hash: 2161F335609309EBD714CE2CC58033FBBE2ABC5350F6AC92DE6D98B251D270DD829B51
                                                                                                                                                                        Function 00DF82D0 Relevance: .2, Instructions: 215COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 8f26e280d693b4182bfc522a1277a245ad828a41758ed7d1eb76a066f63df2d3
                                                                                                                                                                        • Instruction ID: d91d40edb03b44d6466bed482047553165745388a92a2d2afaa6c5477c7dfde6
                                                                                                                                                                        • Opcode Fuzzy Hash: 8f26e280d693b4182bfc522a1277a245ad828a41758ed7d1eb76a066f63df2d3
                                                                                                                                                                        • Instruction Fuzzy Hash: 02613623A1A9954BC314453D5C453BAAA831BD2330F3FC3669AF18B3F4C96A88456363
                                                                                                                                                                        Function 00DD42FC Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 6a9380e99406c829472902ed2e6853d4941f81242d92adfd12f182bd5b00d0c6
                                                                                                                                                                        • Instruction ID: 6a816037764de2a83e7e6777781d918d80ed623accdc0ab6fbc816a9ae5b96b8
                                                                                                                                                                        • Opcode Fuzzy Hash: 6a9380e99406c829472902ed2e6853d4941f81242d92adfd12f182bd5b00d0c6
                                                                                                                                                                        • Instruction Fuzzy Hash: 7081D1B4810B00AFD360EF39D947757BEF4AB06201F404A2EE4EA97695E7306459CBE3
                                                                                                                                                                        Function 00E6762B Relevance: .2, Instructions: 204COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 05170dea5ff015337ab8f6fe8dbbd7b8d97f988c5e7bb536b020fe1b70967b43
                                                                                                                                                                        • Instruction ID: eea18c5674aeb1151eecef443082f0934329cc3fc0ed22995a3fcd9de9424f5b
                                                                                                                                                                        • Opcode Fuzzy Hash: 05170dea5ff015337ab8f6fe8dbbd7b8d97f988c5e7bb536b020fe1b70967b43
                                                                                                                                                                        • Instruction Fuzzy Hash: F75146F3E092145BF704A92DDC9977AB68A9BE4321F2F8139DA8497784FC756C0542C2
                                                                                                                                                                        Function 00DFE8A0 Relevance: .2, Instructions: 189COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 53adb1b22930f8a695f789fdc3f4b943ccd6ac5fb5c634955e3c1cdf4e3fec6a
                                                                                                                                                                        • Instruction ID: ac7f955f5524475a75a535f14da0efdd8a9f451607a17c3360dbcbcc2e09e5a6
                                                                                                                                                                        • Opcode Fuzzy Hash: 53adb1b22930f8a695f789fdc3f4b943ccd6ac5fb5c634955e3c1cdf4e3fec6a
                                                                                                                                                                        • Instruction Fuzzy Hash: 5E516CB15083548FE314DF69D49436BBBE1BBC5318F054E2DE5E987390E379DA088B92
                                                                                                                                                                        Function 00E07520 Relevance: .2, Instructions: 176COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: f0c58e278b48ce66ce2a58aae16e6550936b432be88ab7c5aede0d23a7aee892
                                                                                                                                                                        • Instruction ID: 8fafbf57b15a3a9d4827efe065818254acda6f0cfbe6cad6590966d3822722d1
                                                                                                                                                                        • Opcode Fuzzy Hash: f0c58e278b48ce66ce2a58aae16e6550936b432be88ab7c5aede0d23a7aee892
                                                                                                                                                                        • Instruction Fuzzy Hash: 8A512831A0C2009FC7159E18DC90B2EB7E6FB85358F289A2CE8D5673D1C632FC548B91
                                                                                                                                                                        Function 00DC5A50 Relevance: .2, Instructions: 163COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: ddf71c99375e2a0c5a22bb08e974e9f430cc48aa889155d42b95e55b43c4b6f4
                                                                                                                                                                        • Instruction ID: 252e7055d7124e8408ec5288f12471bdb999b53bd78dd77da5b68beebde9fe6d
                                                                                                                                                                        • Opcode Fuzzy Hash: ddf71c99375e2a0c5a22bb08e974e9f430cc48aa889155d42b95e55b43c4b6f4
                                                                                                                                                                        • Instruction Fuzzy Hash: 6451D575A047069FC714DF14E890E26B7A1FF85324F19466CF89A8B356D631FC82CBA2
                                                                                                                                                                        Function 0109D1A5 Relevance: .2, Instructions: 157COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: fae7371daa6cd5ef58fb3d5c4306979629f2d664ef5a7e01cca29723e4806680
                                                                                                                                                                        • Instruction ID: 4eb3f51b83eb513d35f1e2a92b64e3cb671479dcc5235c365931cc2443eb8a0f
                                                                                                                                                                        • Opcode Fuzzy Hash: fae7371daa6cd5ef58fb3d5c4306979629f2d664ef5a7e01cca29723e4806680
                                                                                                                                                                        • Instruction Fuzzy Hash: 7E5112B348C604EFC7406EA9DC5553EBBE4EB54320F56C92EE9C6C7600E6349841DB93
                                                                                                                                                                        Function 00DEEC48 Relevance: .1, Instructions: 146COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: fe15f8d15312c2e872a17c32fc37ffaa951a8b437a2bdd1a0638e97627c840fa
                                                                                                                                                                        • Instruction ID: 379d0fc568e6a90f88e44e118fb71d18e3dd4ba3c7798b0ae62583b4e3e2315e
                                                                                                                                                                        • Opcode Fuzzy Hash: fe15f8d15312c2e872a17c32fc37ffaa951a8b437a2bdd1a0638e97627c840fa
                                                                                                                                                                        • Instruction Fuzzy Hash: D3419E7490035ADFDF209F55DC91BA9B7B0FF0A300F184548E945BB3A1EB39A951CBA1
                                                                                                                                                                        Function 00E09B60 Relevance: .1, Instructions: 140COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 3d1e50e3218725e86deb6f178aa1eadc61a481a47c5673e4bed3533ad9eae4b5
                                                                                                                                                                        • Instruction ID: 976a0df511d8bba08509cc12c77d410476d92a9469717cdf5b6d03889288f57d
                                                                                                                                                                        • Opcode Fuzzy Hash: 3d1e50e3218725e86deb6f178aa1eadc61a481a47c5673e4bed3533ad9eae4b5
                                                                                                                                                                        • Instruction Fuzzy Hash: FE418B34608300AFE7109F15D9D1B2BF7E6EB85714F28982CF589A7293D371E881CB66
                                                                                                                                                                        Function 00DD2030 Relevance: .1, Instructions: 136COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 03de9c28665806a0ca3ecfddd6ebe3473e33d182c68f6d420d53ba50e7e8c608
                                                                                                                                                                        • Instruction ID: ee073663f0ee71e4ececad890426d3ef51380a3ef10c7420d9254d0e77068e4e
                                                                                                                                                                        • Opcode Fuzzy Hash: 03de9c28665806a0ca3ecfddd6ebe3473e33d182c68f6d420d53ba50e7e8c608
                                                                                                                                                                        • Instruction Fuzzy Hash: FB41F632A083654FD35CCF29889023ABBE2ABD5300F19C62FE4E6873D0DA748945D791
                                                                                                                                                                        Function 00DD1E93 Relevance: .1, Instructions: 131COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 6ea87ae65e691d14c5687e8d5e426a9ca7c5437e7b6719baf7386ab04a9ee343
                                                                                                                                                                        • Instruction ID: c353068669f0b7f180b582947e8882db16ea2ab3f64d8d6f5211407fa64ed811
                                                                                                                                                                        • Opcode Fuzzy Hash: 6ea87ae65e691d14c5687e8d5e426a9ca7c5437e7b6719baf7386ab04a9ee343
                                                                                                                                                                        • Instruction Fuzzy Hash: 9E410F7550C380ABC320AB59C884B2EFBF5FB96354F14491DF6C497392C37AE8148B66
                                                                                                                                                                        Function 00E08D8A Relevance: .1, Instructions: 124COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: ab27703c5d467d94743f671c359bebc12c28252b097d1b9d34360bd2672b935a
                                                                                                                                                                        • Instruction ID: 7becc71af1b118b88c7c8aa416b8c94465dc5b271d84bb3ad12e980cfeafacde
                                                                                                                                                                        • Opcode Fuzzy Hash: ab27703c5d467d94743f671c359bebc12c28252b097d1b9d34360bd2672b935a
                                                                                                                                                                        • Instruction Fuzzy Hash: DD41EF3160C3508FC304DF68C59052EFBEAAF99304F099A2DD4D5E72A1CB74DD458B82
                                                                                                                                                                        Function 00DDD961 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: b7bb8aed00f1077b7d69415cb4f3e1a98e6db58c31249354910995e35a5e9aa9
                                                                                                                                                                        • Instruction ID: ce642ea9ae628a3fba1d6061f9bc195beb3475f1eee6eaf66df89e7b6beeab2c
                                                                                                                                                                        • Opcode Fuzzy Hash: b7bb8aed00f1077b7d69415cb4f3e1a98e6db58c31249354910995e35a5e9aa9
                                                                                                                                                                        • Instruction Fuzzy Hash: 5841DCB16483818BD7309F14C885BABB3B1FFA6360F08495DE48A8B792E7754841CB63
                                                                                                                                                                        Function 010BB3D2 Relevance: .1, Instructions: 116COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 872140cfabece1e9931ff534456c96efc1b149c113da6007b27e43f73561a543
                                                                                                                                                                        • Instruction ID: 837aca5e1fd07af0616b1857f1748519802a2aa1a651171ee78fbf916cfd99a0
                                                                                                                                                                        • Opcode Fuzzy Hash: 872140cfabece1e9931ff534456c96efc1b149c113da6007b27e43f73561a543
                                                                                                                                                                        • Instruction Fuzzy Hash: B431D2F260C2008BD324BA29DCC57BEB7EAFB94310F16853CD6C69B748EA3558418697
                                                                                                                                                                        Function 00DFF030 Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: c5be6113664422e96713363ec41851647c31506b086c17a8b3ff98e201e465e1
                                                                                                                                                                        • Instruction ID: 9a07b7929f1da603e135d972f15658b4df0f12cee2e2fb8bc52ccd350a5aa6e9
                                                                                                                                                                        • Opcode Fuzzy Hash: c5be6113664422e96713363ec41851647c31506b086c17a8b3ff98e201e465e1
                                                                                                                                                                        • Instruction Fuzzy Hash: AB21F5329082284BC3249B5DC48163BF7E5EF99704F0BC62EEAC4A7295E7359C1487E5
                                                                                                                                                                        Function 00E067EF Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 93808a5aaf19148b84a046c149eecf795622627fba3455cfd4db2237ec527c84
                                                                                                                                                                        • Instruction ID: 5fe931911ec8f18228f3c93b63872031368796b1fcb4620eee269243bd25bb8c
                                                                                                                                                                        • Opcode Fuzzy Hash: 93808a5aaf19148b84a046c149eecf795622627fba3455cfd4db2237ec527c84
                                                                                                                                                                        • Instruction Fuzzy Hash: 9131287051C3829AD714CF14C49062FBBF0EF96788F54A80DF4C8AB2A1D338D995CB9A
                                                                                                                                                                        Function 00DE5E70 Relevance: .1, Instructions: 99COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: cc84e163ab83865e75510dd5a5700e8a905ace9f0b14828f0b84980899b52afd
                                                                                                                                                                        • Instruction ID: 4214050a33ba819ec30568d02d7a7b2c402833e9361b19735e744655eabf57e4
                                                                                                                                                                        • Opcode Fuzzy Hash: cc84e163ab83865e75510dd5a5700e8a905ace9f0b14828f0b84980899b52afd
                                                                                                                                                                        • Instruction Fuzzy Hash: 1D21B071508641DBC310AF29D85192BB7F4EF927A8F48890CF4D99B296E335CA00CBB3
                                                                                                                                                                        Function 00DC49A0 Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: cbe2eee255ce80e2df90ed4850d7395439c2c852be5922ee4a7cea5853ec6c97
                                                                                                                                                                        • Instruction ID: 691ee77285e25e0563fffdc58b559d64e038de964c48ab0f8cecd434d0234cd4
                                                                                                                                                                        • Opcode Fuzzy Hash: cbe2eee255ce80e2df90ed4850d7395439c2c852be5922ee4a7cea5853ec6c97
                                                                                                                                                                        • Instruction Fuzzy Hash: 0431E5316582129BD7109E58D8A0F2BB7E1EF8435CF1C892CE8DACB241D631DC42CB66
                                                                                                                                                                        Function 00F010C1 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 66f8c383fa133e23211dbb27cdcae40cdb55f087a44584badb803ed92b3a3399
                                                                                                                                                                        • Instruction ID: babe0352052d7c63cae660bf3130a5dd008187b06f3faca58a1393e3e9a38394
                                                                                                                                                                        • Opcode Fuzzy Hash: 66f8c383fa133e23211dbb27cdcae40cdb55f087a44584badb803ed92b3a3399
                                                                                                                                                                        • Instruction Fuzzy Hash: 932107F3E196004BF304D92AED85376B6DBDBD4331F3AC13DDA849A789F87958464288
                                                                                                                                                                        Function 00E064B8 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: a90cc5a2adc9742809724f4245c02b7ea3030d719a69c5c6f9e604ca310d3032
                                                                                                                                                                        • Instruction ID: 7d7225517656908c709da7091a03176f7272281bcd173ba94d21c92f12813081
                                                                                                                                                                        • Opcode Fuzzy Hash: a90cc5a2adc9742809724f4245c02b7ea3030d719a69c5c6f9e604ca310d3032
                                                                                                                                                                        • Instruction Fuzzy Hash: D421397050C241DFD705EF19D480A2EFBE6FBD5745F18981CE4D4A72A1C335A8A4CB62
                                                                                                                                                                        Function 00E05700 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: af1e124fd29c3f78bf32ddf0079fe58dab921ebb25457811319623a1afa8c1ff
                                                                                                                                                                        • Instruction ID: c13f0e3eb89b54967b239992a451125d9e3a2e0da1ba68bd857bde851939195e
                                                                                                                                                                        • Opcode Fuzzy Hash: af1e124fd29c3f78bf32ddf0079fe58dab921ebb25457811319623a1afa8c1ff
                                                                                                                                                                        • Instruction Fuzzy Hash: 5C11A07191C240EBD301AF28E844A5BBBF5EF9A710F09982CE4C4AB2A1D335D854CB93
                                                                                                                                                                        Function 00DFB650 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                        • Instruction ID: ed80b973b79cefbd783b16d3ce97690cbfec434ce1b322bd5e620c77e7a9d4d6
                                                                                                                                                                        • Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                        • Instruction Fuzzy Hash: 8611C633A051D90EC3168D3CC840575BFE31AA7234B5E839AE4B4DF2D2D7228D8A8364
                                                                                                                                                                        Function 00DF0B80 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 90022ddfb32469098a8610d4b68e70bc315f5b0e8987f5b71d64abe4c0da561b
                                                                                                                                                                        • Instruction ID: a9427f7de36a7955d78aca04086845ccdf053e3d3706127c9c93383d5b10bb92
                                                                                                                                                                        • Opcode Fuzzy Hash: 90022ddfb32469098a8610d4b68e70bc315f5b0e8987f5b71d64abe4c0da561b
                                                                                                                                                                        • Instruction Fuzzy Hash: D901B1F1A1030647E7209F5198D0B3BB6A8AF80718F1EC52CEB0A87203DB71EC06C6B1
                                                                                                                                                                        Function 00DED1E1 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 249097f3f12a7c455d3810d381c10f59422490d36205a79b1d610283034bdf2b
                                                                                                                                                                        • Instruction ID: 32cb50d8f14137ade2c65988719aa55de90877002f41bf10c2bfa20f3b325881
                                                                                                                                                                        • Opcode Fuzzy Hash: 249097f3f12a7c455d3810d381c10f59422490d36205a79b1d610283034bdf2b
                                                                                                                                                                        • Instruction Fuzzy Hash: 2C11EFB0408380AFD310AF618584A2FFBE5EB96754F148C0DF6A49B251C775D819CF56
                                                                                                                                                                        Function 00DC6EA0 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 5cc6706f463f0b109606aa8830d0b2d63e9db7dce3aba0d5cee1c63ff0ea17b2
                                                                                                                                                                        • Instruction ID: 113c059465dde88afa61f3cbb2375abdaa60af41a7f2fb16077b5ab78f0a755a
                                                                                                                                                                        • Opcode Fuzzy Hash: 5cc6706f463f0b109606aa8830d0b2d63e9db7dce3aba0d5cee1c63ff0ea17b2
                                                                                                                                                                        • Instruction Fuzzy Hash: 18F0B43A71921A0FA610CDABA8C4D3BF396DBD9355B18553DEA41D3201DDB2E80691A0
                                                                                                                                                                        Function 00DFB8C0 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: dad40b8a8b0cf0c680be38028a9801f4e1e9da1297b4f3b9e1d9df466e9bee7e
                                                                                                                                                                        • Instruction ID: 6506d07c58c905065930edc77b6421f51c28c54387ea28b09faa2761b04cb969
                                                                                                                                                                        • Opcode Fuzzy Hash: dad40b8a8b0cf0c680be38028a9801f4e1e9da1297b4f3b9e1d9df466e9bee7e
                                                                                                                                                                        • Instruction Fuzzy Hash: 1E0162B3A199610B8348CE3DDC1156BBAD15BD5770F19872DBEF5CB3E0D230C8118695
                                                                                                                                                                        Function 00DDC5F0 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: d8ebd7708255391ffa87ed53dd5dbf97c7cff7b52fcdad9dabb06971c835301f
                                                                                                                                                                        • Instruction ID: afd6f86e1ed7dc578beff9a6215ab27dc393fb41cabbec3b70aacfa27007612f
                                                                                                                                                                        • Opcode Fuzzy Hash: d8ebd7708255391ffa87ed53dd5dbf97c7cff7b52fcdad9dabb06971c835301f
                                                                                                                                                                        • Instruction Fuzzy Hash: EB014B72A196204B8308CE3C9C1112ABEE19B86330F158B2EBCFAD73E0D664CD548696
                                                                                                                                                                        Function 00DDB410 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 809ee23363f840c811a801533be2b64f834fb93f4c5a4ab9cc37b5a2fd812bb4
                                                                                                                                                                        • Instruction ID: 2da602897fc45d4e38a343457b6495e038043e133177002b418e552af01cb61c
                                                                                                                                                                        • Opcode Fuzzy Hash: 809ee23363f840c811a801533be2b64f834fb93f4c5a4ab9cc37b5a2fd812bb4
                                                                                                                                                                        • Instruction Fuzzy Hash: 12F0A7B160451497DB22CA589C80B3BBBDCCB9636CF1A0427E84557303D2615845C3F5
                                                                                                                                                                        Function 00DF8220 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 76276a7cdd457cad1e221d31b524aea345124b6d898382e3406636164696b46d
                                                                                                                                                                        • Instruction ID: e9ca87a704c7872f2de750e1995c73485a853d6111d9e40dd18641337849e322
                                                                                                                                                                        • Opcode Fuzzy Hash: 76276a7cdd457cad1e221d31b524aea345124b6d898382e3406636164696b46d
                                                                                                                                                                        • Instruction Fuzzy Hash: B201E4B04147009FD360EF29C886757BBE8EB48714F104A1DE8AECB680D771A588CB82
                                                                                                                                                                        Function 00E01440 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
                                                                                                                                                                        • Instruction ID: cb58f98ce8386ee577bc0eca1e4dacdd9145138d3bce9fc60f2e59eaf909ae28
                                                                                                                                                                        • Opcode Fuzzy Hash: a4b5204e339133bf84330416a5308528dd9e98d6cb7a6fcb91640552a86da4e7
                                                                                                                                                                        • Instruction Fuzzy Hash: 7DD0A73160832246DF748E19A400977F7F0EAC7B55F49A59EF596F7198D230DC81C2A9
                                                                                                                                                                        Function 00DD1ACD Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 76c923a3e63067f13786ed4311e166813969a655e0e2e4208862e690b43f741e
                                                                                                                                                                        • Instruction ID: 18f72016a1e8f4dd568d244cb8a9569821e00544aede9055ac2b943a2a588712
                                                                                                                                                                        • Opcode Fuzzy Hash: 76c923a3e63067f13786ed4311e166813969a655e0e2e4208862e690b43f741e
                                                                                                                                                                        • Instruction Fuzzy Hash: 08C08C38A181008FC204CF02FCD5576B3B8E307308700B03AEE23F3B61CA20D82E8909
                                                                                                                                                                        Function 00E06094 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: cf6c3a03d97dc47049396e63acc452432c8f8c10c2e684140bd779dd447b9bf9
                                                                                                                                                                        • Instruction ID: e04c48dfd2c906a07031f3458803a779de968e136da2afb293cc21448eaca3e4
                                                                                                                                                                        • Opcode Fuzzy Hash: cf6c3a03d97dc47049396e63acc452432c8f8c10c2e684140bd779dd447b9bf9
                                                                                                                                                                        • Instruction Fuzzy Hash: CBC04C3465C0008A9508CE1599518B5E2A69B97754724F019C84733295D128D916991C
                                                                                                                                                                        Function 00DD1A3C Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: 7c4879dfc5fc77f0fb1d7c651d31a645ec7b1997dd72a90dc7636cc1e6b3d54e
                                                                                                                                                                        • Instruction ID: 88bf5e366009fdf20ece2ff01f847d511de0f1be28f811b153dccef3ca4bf0af
                                                                                                                                                                        • Opcode Fuzzy Hash: 7c4879dfc5fc77f0fb1d7c651d31a645ec7b1997dd72a90dc7636cc1e6b3d54e
                                                                                                                                                                        • Instruction Fuzzy Hash: C6C04C34A591408EC654CE86A8D1531A2A99306208710303ADA52F7661C561D4598509
                                                                                                                                                                        Function 00E05FD6 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                        • Source File: 00000001.00000002.2236687733.0000000000DC1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00DC0000, based on PE: true
                                                                                                                                                                        • Associated: 00000001.00000002.2236673831.0000000000DC0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236735617.0000000000E20000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236753285.0000000000E2A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236767311.0000000000E2B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236781261.0000000000E2C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236884546.0000000000F88000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236908273.0000000000F8A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2236933194.0000000000FA3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237052470.0000000000FA4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FA5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237078069.0000000000FAE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237130285.0000000000FB9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237150113.0000000000FBA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237183041.0000000000FDE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237203330.0000000000FE9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237271874.0000000000FEA000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237293423.0000000000FF2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237321444.000000000100F000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237340072.0000000001014000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237360905.0000000001015000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237379403.000000000101C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237398650.000000000101D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237419243.0000000001022000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237439708.000000000102A000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237460103.000000000102C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237479138.000000000102D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237501811.000000000102F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237523241.0000000001031000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237541559.0000000001036000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237564128.000000000103D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237582220.000000000103F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237604256.0000000001046000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237624570.000000000104B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237650210.0000000001068000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.0000000001069000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237668715.000000000108A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237740955.000000000109E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237768178.00000000010A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237796776.00000000010B5000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010B6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237815569.00000000010BE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237875345.00000000010CD000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        • Associated: 00000001.00000002.2237900035.00000000010CE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                        • Snapshot File: hcaresult_1_2_dc0000_file.jbxd
                                                                                                                                                                        Similarity
                                                                                                                                                                        • API ID:
                                                                                                                                                                        • String ID:
                                                                                                                                                                        • API String ID:
                                                                                                                                                                        • Opcode ID: f34f033e9bbad96eee5e61f7792e612d166a3dfd4d8e11434a99aa40dfd0a369
                                                                                                                                                                        • Instruction ID: 93850a4ed23bbf818cbc4698310632d2761942b3cb2b9ab9d0c699f25b6e1f28
                                                                                                                                                                        • Opcode Fuzzy Hash: f34f033e9bbad96eee5e61f7792e612d166a3dfd4d8e11434a99aa40dfd0a369
                                                                                                                                                                        • Instruction Fuzzy Hash: 4AC09234B6C0008FA64CCF2ADD51DB5F2FA9B8BB18B14F02DC807B3256E138D91A860C